Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PUP.InfoAtoms in Registry that Malwarebytes keeps detecting [Closed]


  • This topic is locked This topic is locked

#1
mbk123

mbk123

    New Member

  • Member
  • Pip
  • 7 posts
Thanks for reading. I am not really seeing any issues with my desktop but I don't want to take chances. Everyday Malwarebytes Pro finds this Registry issue but can't do anything.
Any help would be appreciated.

Here is the log from malwarebytes
//////////////////
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.07.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
milton :: FLASH [administrator]

Protection: Enabled

6/8/2013 2:00:22 AM
mbam-log-2013-06-08 (02-00-22).txt

Scan type: Full scan (C:\|F:\|H:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 808001
Time elapsed: 2 hour(s), 51 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
//////////////////

Here is the OTL log

OTL logfile created on: 6/6/2013 8:14:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\milton\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.99 Gb Total Physical Memory | 9.23 Gb Available Physical Memory | 57.74% Memory free
63.96 Gb Paging File | 57.10 Gb Available in Paging File | 89.28% Paging File free
Paging file location(s): c:\pagefile.sys 0 0f:\pagefile.sy [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.63 Gb Total Space | 238.18 Gb Free Space | 25.84% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 145.52 Gb Free Space | 31.24% Space Free | Partition Type: NTFS
Drive H: | 465.75 Gb Total Space | 79.62 Gb Free Space | 17.10% Space Free | Partition Type: NTFS
Drive N: | 2048.00 Gb Total Space | 1429.17 Gb Free Space | 69.78% Space Free | Partition Type: NTFS
Drive Q: | 2048.00 Gb Total Space | 1429.17 Gb Free Space | 69.78% Space Free | Partition Type: NTFS
Drive S: | 2048.00 Gb Total Space | 1418.04 Gb Free Space | 69.24% Space Free | Partition Type: NTFS
Drive T: | 2048.00 Gb Total Space | 1418.04 Gb Free Space | 69.24% Space Free | Partition Type: NTFS
Drive Y: | 2048.00 Gb Total Space | 1418.04 Gb Free Space | 69.24% Space Free | Partition Type: NTFS
Drive Z: | 2048.00 Gb Total Space | 1429.17 Gb Free Space | 69.78% Space Free | Partition Type: NTFS

Computer Name: FLASH | User Name: milton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/06 20:14:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\milton\Downloads\OTL.exe
PRC - [2013/05/22 17:46:08 | 001,089,888 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2013/05/20 16:53:28 | 001,226,928 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013/05/20 16:53:28 | 001,015,984 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 16:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/04/05 12:59:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/04/05 12:58:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/15 01:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/03/14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/03/12 03:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\milton\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/01/28 14:08:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/11/12 19:26:56 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Program Files\CrashPlan\CrashPlanTray.exe
PRC - [2012/10/28 18:06:18 | 000,932,528 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/09/06 06:44:30 | 000,766,792 | ---- | M] () -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
PRC - [2012/09/06 06:44:30 | 000,279,368 | ---- | M] () -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
PRC - [2012/09/06 06:44:28 | 001,131,336 | ---- | M] (PacketVideo) -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
PRC - [2012/08/01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2012/07/18 22:07:06 | 000,310,232 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2012/07/03 10:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/02/13 04:06:56 | 003,481,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011/09/22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2011/07/11 05:13:26 | 000,786,040 | ---- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit\fitbit.exe
PRC - [2011/06/17 11:01:56 | 000,353,728 | ---- | M] (Cyber Power Systems, Inc.) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
PRC - [2011/05/28 04:22:00 | 001,811,784 | ---- | M] (Actual Tools) -- C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter.exe
PRC - [2011/05/06 12:46:50 | 000,368,128 | ---- | M] () -- C:\Program Files (x86)\Polar\Daemon\polard.exe
PRC - [2011/04/22 17:28:46 | 001,081,344 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
PRC - [2011/04/15 13:14:54 | 005,492,736 | ---- | M] () -- C:\Program Files (x86)\Drobo\Drobo Dashboard\DroboDashboard.exe
PRC - [2011/04/15 13:14:54 | 000,749,568 | ---- | M] (Data Robotics, Inc.) -- C:\Program Files (x86)\Drobo\Drobo Dashboard\Support\DDService.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/01 06:54:46 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
PRC - [2011/02/01 06:54:42 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2011/02/01 06:54:30 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
PRC - [2011/01/19 12:36:30 | 000,077,824 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe
PRC - [2010/09/15 16:01:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
PRC - [2010/06/18 17:02:20 | 001,423,520 | ---- | M] () -- C:\Program Files (x86)\No-IP\DUC30.exe
PRC - [2010/06/10 14:42:44 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2010/01/25 09:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2009/09/30 10:07:34 | 000,086,016 | ---- | M] (PFU LIMITED) -- C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
PRC - [2009/08/17 13:01:44 | 000,099,176 | ---- | M] (SiSoftware) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe
PRC - [2008/12/10 20:33:06 | 000,353,976 | ---- | M] (X1 Technologies, Inc.) -- C:\Program Files (x86)\X1\X1Systray.exe
PRC - [2008/12/10 20:33:04 | 000,370,360 | ---- | M] () -- C:\Program Files (x86)\X1\X1FileMonitor.exe
PRC - [2005/06/08 16:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 15:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Video\FxSvr2.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/28 18:24:37 | 000,557,056 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\pysqlite2._sqlite.pyd
MOD - [2013/05/28 18:24:37 | 000,128,512 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\_elementtree.pyd
MOD - [2013/05/28 18:24:37 | 000,098,816 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32api.pyd
MOD - [2013/05/28 18:24:37 | 000,044,032 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\_socket.pyd
MOD - [2013/05/28 18:24:37 | 000,026,624 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\_multiprocessing.pyd
MOD - [2013/05/28 18:24:37 | 000,022,528 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32ts.pyd
MOD - [2013/05/28 18:24:36 | 001,022,416 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\windows._cacheinvalidation.pyd
MOD - [2013/05/28 18:24:36 | 000,805,888 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\wx._gdi_.pyd
MOD - [2013/05/28 18:24:36 | 000,735,232 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\wx._misc_.pyd
MOD - [2013/05/28 18:24:36 | 000,364,544 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\pythoncom27.dll
MOD - [2013/05/28 18:24:36 | 000,320,512 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32com.shell.shell.pyd
MOD - [2013/05/28 18:24:36 | 000,110,080 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\PyWinTypes27.dll
MOD - [2013/05/28 18:24:36 | 000,108,544 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32security.pyd
MOD - [2013/05/28 18:24:36 | 000,087,040 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\_ctypes.pyd
MOD - [2013/05/28 18:24:36 | 000,070,656 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\wx._html2.pyd
MOD - [2013/05/28 18:24:36 | 000,017,408 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32profile.pyd
MOD - [2013/05/28 18:24:36 | 000,011,264 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32crypt.pyd
MOD - [2013/05/28 18:24:35 | 001,175,040 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\wx._core_.pyd
MOD - [2013/05/28 18:24:35 | 001,153,024 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\_ssl.pyd
MOD - [2013/05/28 18:24:35 | 000,811,008 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\wx._windows_.pyd
MOD - [2013/05/28 18:24:35 | 000,711,680 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\_hashlib.pyd
MOD - [2013/05/28 18:24:35 | 000,122,368 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\wx._wizard.pyd
MOD - [2013/05/28 18:24:35 | 000,119,808 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32file.pyd
MOD - [2013/05/28 18:24:35 | 000,035,840 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32process.pyd
MOD - [2013/05/28 18:24:35 | 000,025,600 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32pdh.pyd
MOD - [2013/05/28 18:24:34 | 001,062,400 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\wx._controls_.pyd
MOD - [2013/05/28 18:24:34 | 000,686,080 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\unicodedata.pyd
MOD - [2013/05/28 18:24:34 | 000,127,488 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\pyexpat.pyd
MOD - [2013/05/28 18:24:34 | 000,038,912 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32inet.pyd
MOD - [2013/05/28 18:24:34 | 000,018,432 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\win32event.pyd
MOD - [2013/05/28 18:24:34 | 000,010,240 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI55762\select.pyd
MOD - [2013/05/23 01:44:07 | 000,393,168 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppgooglenaclpluginchrome.dll
MOD - [2013/05/23 01:44:06 | 013,136,336 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
MOD - [2013/05/23 01:43:59 | 004,051,408 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll
MOD - [2013/05/23 01:43:06 | 000,599,504 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.94\libglesv2.dll
MOD - [2013/05/23 01:43:05 | 000,124,368 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.94\libegl.dll
MOD - [2013/05/23 01:43:03 | 001,597,392 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll
MOD - [2013/05/20 16:53:28 | 000,158,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\SiteSafety.dll
MOD - [2013/05/15 03:12:17 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/15 03:11:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/04/15 10:17:45 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013/04/15 10:12:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/04/15 10:11:08 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/04/15 10:10:40 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/04/15 10:10:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/04/15 10:10:20 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/10/28 18:06:18 | 000,932,528 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012/09/08 13:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012/09/08 13:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/15 13:14:54 | 005,492,736 | ---- | M] () -- C:\Program Files (x86)\Drobo\Drobo Dashboard\DroboDashboard.exe
MOD - [2011/04/08 13:53:48 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsConfig.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/03/16 15:30:58 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsExtention.dll
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/08/24 16:56:50 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dll
MOD - [2010/06/18 17:02:20 | 001,423,520 | ---- | M] () -- C:\Program Files (x86)\No-IP\DUC30.exe
MOD - [2009/02/27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/12/10 20:33:04 | 000,370,360 | ---- | M] () -- C:\Program Files (x86)\X1\X1FileMonitor.exe
MOD - [2008/11/12 15:32:30 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardPath.dll
MOD - [2003/03/26 18:46:36 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/11/12 19:28:39 | 000,222,720 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/09/22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/07/07 08:49:42 | 000,376,352 | ---- | M] (Soluto) [Auto | Stopped] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2011/04/11 14:44:46 | 000,171,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/08/17 13:01:44 | 000,099,176 | ---- | M] (SiSoftware) [On_Demand | Running] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/05/27 19:29:37 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/05/27 19:29:23 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/05/20 16:53:28 | 001,015,984 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe -- (vToolbarUpdater15.2.0)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/05 20:25:30 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/15 01:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/03/14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/11/14 07:43:01 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\milton\AppData\Local\Temp\7zS6747\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2012/10/10 20:01:47 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/06 06:44:30 | 000,766,792 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe -- (TwonkyProxy)
SRV - [2012/09/06 06:44:30 | 000,279,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe -- (TwonkyWebDav)
SRV - [2012/08/03 16:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2012/07/18 22:07:06 | 000,310,232 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2011/11/10 09:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/08/10 15:35:20 | 000,227,184 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/07/11 05:13:26 | 000,786,040 | ---- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fitbit\fitbit.exe -- (Fitbit)
SRV - [2011/06/17 11:02:10 | 001,000,896 | ---- | M] (Cyber Power Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe -- (ppped)
SRV - [2011/05/06 12:46:50 | 000,368,128 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Polar\Daemon\polard.exe -- (Polar Daemon)
SRV - [2011/04/15 13:14:54 | 000,749,568 | ---- | M] (Data Robotics, Inc.) [Auto | Running] -- C:\Program Files (x86)\Drobo\Drobo Dashboard\Support\DDService.exe -- (DDService)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2011/02/01 06:54:46 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm)
SRV - [2011/02/01 06:54:42 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm)
SRV - [2010/11/08 13:04:18 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/11/05 09:21:46 | 000,221,184 | ---- | M] (Visioneer Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe -- (OneTouch 4.0 Monitor)
SRV - [2010/09/15 16:01:20 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe -- (BRA_Scheduler)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/25 09:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/09/09 17:31:34 | 000,090,296 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files (x86)\CA\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2009/08/27 19:21:32 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2009/08/24 21:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\DfSdkS.exe -- (DfSdkS)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/04/18 02:00:00 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE -- (EPSON_PM_RPCV4_01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/05/27 19:29:24 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/05/20 16:53:28 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/05 20:14:02 | 000,276,256 | ---- | M] (Digiarty Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DigiartyVirtualCDBus.sys -- (DigiartyVirtualCDBus)
DRV:64bit: - [2013/02/22 07:32:08 | 000,160,256 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/02 16:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/11/01 22:52:50 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/01 20:03:58 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/08/19 11:01:33 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2011/08/09 15:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011/08/04 10:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011/08/04 10:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011/08/04 10:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011/08/04 10:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011/07/07 08:34:08 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2011/05/04 17:20:32 | 000,340,656 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2011/04/30 04:34:56 | 000,016,384 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiUSBXp.sys -- (SIUSBXP)
DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/04/04 14:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/03/31 14:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2010/12/16 18:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/20 15:13:28 | 000,034,840 | ---- | M] (Colasoft Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSN5PDTS82x64.sys -- (CSN5PDTS82x64)
DRV:64bit: - [2010/04/11 18:24:08 | 000,014,976 | ---- | M] (MaxiVista) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mvCmdemo.SYS -- (mvCmdemo)
DRV:64bit: - [2010/04/11 18:24:06 | 000,013,440 | ---- | M] (MaxiVista) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mvvideodemo.sys -- (mvvideodemo)
DRV:64bit: - [2010/04/07 12:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2010/04/01 14:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/02/24 14:12:34 | 000,028,528 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2009/10/21 03:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/08/09 17:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/08/07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Running] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\WNt500x64\sandra.sys -- (SANDRA)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/08 11:56:26 | 000,053,632 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motodrv.sys -- (MotDev)
DRV:64bit: - [2009/01/29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008/08/11 13:40:58 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2008/08/11 13:40:32 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2008/02/13 17:20:16 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Amusbx64.sys -- (Amusbprt)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2007/10/15 12:37:22 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Amfltx64.sys -- (Amfilter)
DRV:64bit: - [2007/04/19 08:55:50 | 000,029,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2007/04/19 08:55:50 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2007/04/19 08:55:50 | 000,016,896 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007/02/03 10:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/02/03 10:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64)
DRV - [2013/05/27 19:29:36 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2011/08/19 11:01:33 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/12/18 11:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/10/26 12:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...me=true&tid=114
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...=114&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...=114&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...me=true&tid=114
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...me=true&tid=114
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.certif...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.powerspec.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...me=true&tid=114
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...=114&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...=114&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...me=true&tid=114
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...me=true&tid=114
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{3CC7BB73-B52A-4E2B-98F9-599C5ECF6A09}: "URL" = http://www.google.co...1I7GZAZ_enUS352
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-02-23 09:23:49&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = https://isearch.avg....fr&d=2012-02-23 09:23:49&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.certif...e=true&tid=114"
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://search.certif...e=true&tid=114"
FF - prefs.js..keyword.URL: "http://search.certif...114&bs=true&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@EDVR/WebClient: C:\windows\system32\WebClient\npwebclient.dll (Google)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\milton\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\nuance.com/DragonRIAPlugin: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\milton\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\milton\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\milton\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\milton\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\milton\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\milton\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\milton\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\milton\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\milton\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\milton\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\plugin\FFExtensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2012/09/19 07:45:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.2.14 File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013/04/10 14:42:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012/07/18 21:54:16 | 000,136,026 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/30 11:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/18 18:43:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/11/30 11:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/02/09 12:56:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\milton\AppData\Roaming\Move Networks [2013/02/16 05:45:35 | 000,000,000 | ---D | M]

[2012/03/12 08:42:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Extensions
[2013/04/23 09:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions
[2013/01/12 01:15:02 | 000,000,000 | ---D | M] (CertifiedToolbar) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\{4e33ede2-c592-400f-a22b-5ae82f77d951}
[2013/04/10 14:42:12 | 000,000,000 | ---D | M] (GetSavin) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\[email protected]
[2013/04/23 09:35:26 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\[email protected]
[2013/04/23 09:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions
[2013/01/12 01:15:02 | 000,000,000 | ---D | M] (CertifiedToolbar) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions\{4e33ede2-c592-400f-a22b-5ae82f77d951}
[2009/10/24 15:56:12 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions\[email protected]
[2013/04/23 09:35:27 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions\[email protected]
[2012/03/12 08:43:51 | 000,255,045 | ---- | M] () (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\[email protected]
[2013/01/12 01:14:54 | 000,003,267 | ---- | M] () -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\searchplugins\Web Search.xml
[2013/04/10 14:42:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/10 14:42:09 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/02/16 10:40:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npyaxmpb.dll
[2013/05/20 16:53:57 | 000,003,716 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/16 06:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/16 06:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2013/01/12 01:14:54 | 000,003,267 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: NPLastPass (Enabled) = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.7_0\nplastpass.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\milton\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\milton\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\milton\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\milton\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\milton\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\milton\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\milton\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\milton\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Gadget Runner = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbfiejepbnaphfnbaakjibbbechdhhf\1.3_0\
CHR - Extension: Google Drive = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Bookmark Sentry = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga\1.7.13_0\
CHR - Extension: YouTube = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Honey = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj\2.0.1.3_0\
CHR - Extension: Honey = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj\2.0.2.4_0\
CHR - Extension: Google Search = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: Facebook Ads Blocker = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\eommhojjeeaapcofdjleiamnokcfdnna\1.1.0_0\
CHR - Extension: Facebook for Chrome = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\6.2.2_0\
CHR - Extension: Facebook for Chrome = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\6.2.3_0\
CHR - Extension: Stopwatch = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh\3.6_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: TweetDeck = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\2.8.2_0\
CHR - Extension: TweetDeck = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.0.0_0\
CHR - Extension: LastPass = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.25_0\
CHR - Extension: InfoAtoms = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk\1.6.0.1_0\
CHR - Extension: SuperSorter = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij\0.4.3_0\
CHR - Extension: News Ticker Remover for Facebook = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbogeebjloglncnccgemjfedfhobfak\1.5_0\
CHR - Extension: Social Fixer = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipjaijdkhejnbfpodmofannadgfokfnm\7.501_0\
CHR - Extension: AVG Safe Search = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: Any.DO = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem\1.0.3.3_0\
CHR - Extension: Google Mail Checker = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Dragon NaturallySpeaking Rich Internet Application Support = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn\1.0_0\
CHR - Extension: GetSavin = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl\5.0_0\
CHR - Extension: Print = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiefodmmloajakmcfnpnjpkldellhlj\1.1_0\
CHR - Extension: Popup my Bookmarks = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppflflkbbafeopeoeigkbbdjdbeifni\1.5.1.1505_0\
CHR - Extension: Popup my Bookmarks = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppflflkbbafeopeoeigkbbdjdbeifni\1.6.0.206_0\
CHR - Extension: AVG Security Toolbar = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.2.0.5_0\
CHR - Extension: LogMeIn = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgnihglilniboicepgjclfiageofdfj\1.0.0.1007_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Open Bookmark Manager = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalceheiomajabalbakkoeiheiokhdbd\1.3_0\
CHR - Extension: imo messenger = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi\1.4.1_0\
CHR - Extension: imo messenger = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi\1.4_0\
CHR - Extension: Picasa = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Evernote Web Clipper = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.9.15_0\
CHR - Extension: Gmail = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: 3D Tennis = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjpokfkdchapbkfpkmeiebmlfafbljla\4.0.0_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (GetSavin 5.0) - {05F84B9D-D1B9-463D-990D-7A13C7380793} - C:\Users\milton\AppData\Local\getsavin\ie\getsavin_1365619201.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Dragon NaturallySpeaking Rich Internet Application Support - Extension) - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieshim.dll (Nuance Communications, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files (x86)\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software LLC.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files (x86)\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files (x86)\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [OneTouch Monitor] C:\Program Files (x86)\Visioneer OneTouch\OneTouchMon.exe (Visioneer Inc)
O4 - HKLM..\Run: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe (Cyber Power Systems, Inc.)
O4 - HKLM..\Run: [ScanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe (PFU LIMITED)
O4 - HKLM..\Run: [VERIZONDM] C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe (AVG Secure Search)
O4 - HKCU..\Run: [Actual Window Manager] C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter.exe (Actual Tools)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\milton\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Flexera Software LLC.)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files (x86)\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [X1FileMonitor.exe] C:\Program Files (x86)\X1\X1FileMonitor.exe ()
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\milton\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\No-IP DUC.lnk = C:\Program Files (x86)\No-IP\DUC30.exe ()
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twonky 7.1.lnk = C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\X1 System Tray.lnk = C:\Program Files (x86)\X1\X1Systray.exe (X1 Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: LastPass - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcp...ls/pctuneup.cab (VersionControl Class)
O16 - DPF: {12193C65-F0E1-4DD1-AD4E-DB73C6911011} file:///D:/activeX/DCP.cab (DCPForm Control 1.0.1.1)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanne...yerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {1DC4A509-9C17-4538-B5AA-DB0BA27ED400} http://kkom.cable-mo...in/WebViewS.cab (Hybrid WebView)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7191F0AC-D686-46A8-BFCC-EA61778C74DD} file:///D:/activeX/aplugLiteDL.cab (Gif89 Lite +Audio Class)
O16 - DPF: {7451D317-862C-45DA-8C28-1B21ADF95877} http://kkom.cable-mo...rg/WebViewS.cab (Hybrid WebView)
O16 - DPF: {7FA319FB-FFB9-4089-87EB-63179244E6E6} https://ssl.verizonb...e/NetDirect.cab (NetDirect)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8BE5651C-D60B-4B59-B5B2-F0EB93733D17} https://www36.verizo...VoiceVMUtil.CAB (IOBIVMUtil.VMDecoder)
O16 - DPF: {9B479D7B-916A-45B0-B042-D42865A60E21} http://gessingirls.d....org/DvrOcx.cab (DvrOcx Control)
O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} http://kkom.cable-mo...0/WebClient.exe (WebClient Control)
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} http://utilities.pcp...ols/pcmatic.cab (PCMaticVer Class)
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} http://gold.cable-mo...hecker_8300.cab (OCXDownloadChecker Control)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DCBF889B-422B-4AA0-9914-D5045A103758} http://kkom.cable-modem.org/WebRPB.cab (WebRPB Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: {FEC048AB-277A-460C-BF50-1A4193AEF148} http://gold.cable-mo...Center_8300.cab (DownloadCenter Control)
O16 - DPF: vzTCPConfig http://my.verizon.co...vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12C640E8-6904-4A58-B005-807F1CF6E075}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/milton/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{359e67f0-a307-11df-8bb8-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{359e67f0-a307-11df-8bb8-001cc0f1a963}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{6dcbbcdb-d783-11df-b51b-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{6dcbbcdb-d783-11df-b51b-001cc0f1a963}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{87222e2a-f1e8-11e0-9a2d-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{87222e2a-f1e8-11e0-9a2d-001cc0f1a963}\Shell\AutoRun\command - "" = O:\setup.exe -a
O33 - MountPoints2\{d6fb706d-533f-11e1-b6eb-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{d6fb706d-533f-11e1-b6eb-001cc0f1a963}\Shell\AutoRun\command - "" = O:\MotoCastSetup.exe -a
O33 - MountPoints2\{e21743c0-7c57-11e1-ad8a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e21743c0-7c57-11e1-ad8a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{ed211dfc-1375-11e2-8391-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{ed211dfc-1375-11e2-8391-001cc0f1a963}\Shell\AutoRun\command - "" = M:\MotoCastSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/06 19:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2013/06/03 20:44:35 | 000,000,000 | ---D | C] -- C:\Users\milton\AppData\Local\{29C8938C-21C7-4F57-ACF6-910B535CEC77}
[2013/05/31 22:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\[email protected] KillDisk
[2013/05/25 16:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2013/05/11 20:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 12.0
[2013/05/11 20:20:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IVA
[2013/05/11 20:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nuance
[2013/05/11 20:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2013/05/11 19:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\Newshosting
[2013/05/11 19:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Newshosting
[2013/04/23 09:35:25 | 014,880,256 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2003/06/06 05:42:33 | 004,499,612 | ---- | C] (Canon Inc. ) -- C:\Users\milton\setup.exe
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Users\milton\Documents\*.tmp files -> C:\Users\milton\Documents\*.tmp -> ]
[1 C:\Windows\SysWow64\drivers\*.tmp files -> C:\Windows\SysWow64\drivers\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2099/01/01 12:00:00 | 354,713,599 | ---- | M] () -- C:\Users\milton\Desktop\babelfish-rosettaa.iso
[2013/06/06 20:18:08 | 000,000,000 | ---- | M] () -- C:\Users\milton\AppData\Local\prvlcl.dat
[2013/06/06 19:58:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001UA.job
[2013/06/06 19:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/06 19:29:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/06 18:46:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001UA.job
[2013/06/06 09:46:06 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001Core.job
[2013/06/05 23:58:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001Core.job
[2013/06/03 20:44:29 | 000,783,394 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/03 20:44:29 | 000,663,238 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/03 20:44:29 | 000,122,106 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/03 08:07:36 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/06/02 20:57:04 | 000,001,024 | ---- | M] () -- C:\Windows\BRCALIB.INI
[2013/06/01 11:45:52 | 011,862,016 | ---- | M] () -- C:\ProgramData\sandra.mda
[2013/05/28 19:38:33 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/28 19:38:33 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/28 18:23:31 | 000,000,733 | ---- | M] () -- C:\Windows\SysNative\.lck
[2013/05/27 19:29:24 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013/05/27 19:29:24 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2013/05/27 19:29:23 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013/05/26 03:06:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/26 03:06:46 | 4287,385,598 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/25 03:09:10 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/05/25 03:09:06 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/05/20 16:53:28 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/05/15 04:52:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/15 04:51:59 | 000,420,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/12 21:21:06 | 000,003,675 | ---- | M] () -- C:\Users\milton\AppData\Roaming\SAS7_000.DAT
[2013/05/11 20:21:11 | 000,002,871 | ---- | M] () -- C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.0.lnk
[2013/05/11 19:42:11 | 000,001,921 | ---- | M] () -- C:\Users\Public\Desktop\Newshosting Downloads.lnk
[2013/05/11 19:42:11 | 000,000,974 | ---- | M] () -- C:\Users\Public\Desktop\Newshosting.lnk
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Users\milton\Documents\*.tmp files -> C:\Users\milton\Documents\*.tmp -> ]
[1 C:\Windows\SysWow64\drivers\*.tmp files -> C:\Windows\SysWow64\drivers\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/03 08:07:36 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/05/25 03:09:10 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/05/25 03:09:06 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/05/12 21:21:06 | 000,003,675 | ---- | C] () -- C:\Users\milton\AppData\Roaming\SAS7_000.DAT
[2013/05/11 20:21:11 | 000,002,871 | ---- | C] () -- C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.0.lnk
[2013/05/11 19:42:11 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\Newshosting Downloads.lnk
[2013/05/11 19:42:11 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\Newshosting.lnk
[2013/03/31 15:48:10 | 000,000,182 | ---- | C] () -- C:\Users\milton\.packettracer
[2013/01/17 18:42:31 | 000,000,080 | ---- | C] () -- C:\Windows\SysWow64\BRDH4150CDN.DAT
[2013/01/17 16:18:28 | 000,001,024 | ---- | C] () -- C:\Windows\BRCALIB.INI
[2013/01/12 01:14:59 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012/11/26 18:37:35 | 000,000,000 | ---- | C] () -- C:\Users\milton\AppData\Local\prvlcl.dat
[2012/03/15 17:35:26 | 000,000,161 | ---- | C] () -- C:\Windows\DISPARAM.INI
[2012/02/14 11:07:54 | 000,000,022 | ---- | C] () -- C:\Windows\BMUpdate.ini
[2011/09/29 12:27:23 | 000,013,030 | ---- | C] () -- C:\ProgramData\PDOXUSRS.NET
[2011/09/15 10:40:12 | 000,000,106 | ---- | C] () -- C:\Windows\VaultMediaClient.INI
[2011/08/11 22:56:39 | 000,000,660 | ---- | C] () -- C:\Windows\SysWow64\sys32dlkb.dll
[2011/08/04 13:46:54 | 000,110,456 | ---- | C] () -- C:\Users\milton\g2ax_customer_downloadhelper_win32_x86.exe
[2011/07/27 16:49:10 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/06/27 16:23:20 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/03/28 14:28:44 | 000,213,187 | ---- | C] () -- C:\Users\milton\AppData\Roaming\MMUpgrade.jpg
[2011/01/15 16:16:22 | 000,112,640 | ---- | C] () -- C:\Users\milton\AppData\Roaming\chrtmp
[2011/01/11 19:55:23 | 000,060,928 | ---- | C] () -- C:\Users\milton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/26 17:36:54 | 000,000,197 | ---- | C] () -- C:\Users\milton\RmUserCfg.ini
[2010/07/30 11:28:50 | 000,000,026 | ---- | C] () -- C:\Users\milton\AppData\Local\boot.dat
[2010/06/21 09:12:33 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010/04/14 07:14:26 | 000,000,218 | ---- | C] () -- C:\Users\milton\.recently-used.xbel
[2010/02/01 12:06:28 | 000,000,355 | ---- | C] () -- C:\Users\milton\Computer - Shortcut.lnk
[2009/11/17 11:42:24 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009/11/16 18:11:17 | 000,007,643 | ---- | C] () -- C:\Users\milton\AppData\Local\resmon.resmoncfg
[2009/11/05 23:47:40 | 000,000,980 | ---- | C] () -- C:\Users\milton\AppData\Local\7F68A003.il
[2009/11/05 23:47:40 | 000,000,448 | ---- | C] () -- C:\Users\milton\AppData\Local\IndexIE_7F68A003.il
[2009/10/25 13:21:54 | 011,862,016 | ---- | C] () -- C:\ProgramData\sandra.mda
[2009/06/19 07:53:35 | 000,000,581 | ---- | C] () -- C:\Users\milton\.hawkscope.properties
[2009/04/28 12:37:29 | 000,031,202 | ---- | C] () -- C:\Users\milton\parenting.jpg
[2008/12/09 18:11:59 | 000,031,364 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD2-SAPHiRE.srt
[2008/12/09 18:11:59 | 000,000,419 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD2-SAPHiRE.srt.style
[2008/12/09 18:11:21 | 000,045,152 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD1-SAPHiRE.srt
[2008/12/09 18:11:21 | 000,000,419 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD1-SAPHiRE.srt.style
[2008/12/09 18:02:31 | 731,879,424 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD1-SAPHiRE.avi
[2008/05/20 08:07:55 | 000,000,256 | ---- | C] () -- C:\Users\milton\pool.bin
[2008/04/24 09:08:28 | 000,103,784 | ---- | C] () -- C:\Users\milton\GoToAssistDownloadHelper.exe
[2007/08/24 13:18:08 | 000,000,124 | ---- | C] () -- C:\Users\milton\default.pls
[2003/06/06 05:42:34 | 000,152,064 | ---- | C] () -- C:\Users\milton\1031.mst
[2003/06/06 05:42:34 | 000,125,952 | ---- | C] () -- C:\Users\milton\1033.mst
[2003/06/06 05:42:33 | 025,509,672 | ---- | C] () -- C:\Users\milton\Data1.cab
[2003/06/06 05:42:33 | 003,126,272 | ---- | C] () -- C:\Users\milton\DV Network Software.msi
[2003/06/06 05:42:33 | 000,160,768 | ---- | C] () -- C:\Users\milton\1040.mst
[2003/06/06 05:42:33 | 000,160,256 | ---- | C] () -- C:\Users\milton\1034.mst
[2003/06/06 05:42:33 | 000,158,208 | ---- | C] () -- C:\Users\milton\1036.mst

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/05/18 19:34:48 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\.minecraft
[2013/01/05 10:54:01 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\.oit
[2012/08/29 08:24:32 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\.purple
[2010/03/12 09:57:06 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\1&1
[2012/02/08 10:47:52 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ACD Systems
[2009/11/04 07:50:41 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Actual Tools
[2013/01/10 09:39:21 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\aignes
[2010/01/07 09:16:49 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Apowersoft
[2011/03/29 11:48:48 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Ashampoo
[2010/03/23 13:39:42 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Astroburn Lite
[2011/06/16 11:01:02 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ASUS
[2011/06/16 11:01:09 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ASUS WebStorage
[2011/06/16 11:18:45 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ASUS.AF361EFD06694D11175EA8BF6E21597A36AD9F1D.1
[2011/07/20 08:45:58 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\AVG10
[2013/01/12 01:15:04 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\AviDvdBurner
[2012/04/15 12:34:47 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\BDlot
[2013/05/11 20:12:21 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\BitTorrent
[2011/07/27 16:49:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Broken Rules
[2009/12/30 09:40:56 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\CasinoOnNet
[2011/09/29 12:38:22 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Colasoft Capsa 7.4 - Free Edition
[2011/09/29 12:38:23 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Colasoft MAC Scanner
[2010/01/09 10:13:37 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\CompanionLink
[2013/01/28 09:20:12 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\CrashPlan
[2011/07/27 14:37:35 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Crayon Physics Deluxe
[2009/10/24 00:28:43 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\DAEMON Tools Lite
[2012/01/06 12:48:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Digiarty
[2011/10/17 09:27:03 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\DlinkViewCam
[2013/05/28 18:25:15 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Dropbox
[2011/09/13 17:19:23 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\DVD Catalyst 4
[2011/06/16 10:59:15 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\eCareme
[2012/02/14 11:12:43 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\EPSON
[2010/02/10 09:33:16 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ESET
[2010/03/08 12:41:51 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Facebook
[2013/01/05 17:11:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\FileZilla
[2011/03/11 12:20:09 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\FreshDiagnose
[2012/03/15 17:47:37 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Fujitsu
[2011/04/09 20:48:46 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\GARMIN
[2010/07/31 14:54:43 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Genie-Soft
[2010/01/07 00:39:31 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\GrabPro
[2010/04/12 08:58:28 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\gtk-2.0
[2010/04/29 11:18:13 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\HandBrake
[2011/08/23 20:38:52 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\InfraRecorder
[2011/01/17 10:32:54 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\JAM Software
[2011/08/03 20:41:41 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Lazy 8 Studios
[2009/10/24 00:23:29 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Leadertech
[2012/08/15 08:18:05 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\mjusbsp
[2012/09/07 08:25:30 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Newshosting
[2011/09/08 08:41:26 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\NewsLeecher
[2012/02/13 08:41:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Nolo
[2013/05/11 20:21:56 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Nuance
[2010/09/01 17:15:57 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\NUUO
[2010/02/01 18:00:03 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Orbit
[2011/06/16 11:18:50 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Outlook
[2010/09/28 11:04:43 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Passware
[2011/08/15 10:41:52 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\PCPitstop
[2012/03/15 17:49:27 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\PFU
[2011/07/11 21:10:25 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Polar WebSync
[2010/05/21 08:27:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ProcessLasso
[2010/06/21 09:24:17 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Soluto
[2013/05/11 19:40:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Spotify
[2011/12/28 12:12:53 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Stardock
[2011/07/31 15:53:06 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\SystemRequirementsLab
[2013/06/03 20:43:48 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\TeraCopy
[2012/10/19 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Thunderbird
[2010/11/09 21:24:30 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\tidysongs16
[2009/11/25 09:52:53 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\TrueCrypt
[2013/05/28 18:24:44 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\TwonkyServer
[2010/06/25 08:49:30 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Uniblue
[2013/04/23 11:11:25 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\webex
[2012/11/27 18:28:54 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\XBMC
[2013/01/12 00:45:45 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Xilisoft
[2009/12/09 11:25:06 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Zeon

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2008/03/17 15:39:42 | 000,142,848 | ---- | M] ()(C:\Users\milton\Documents\???? ???????.doc) -- C:\Users\milton\Documents\טיסה לניאגרה.doc
[2008/03/17 15:38:48 | 000,142,848 | ---- | C] ()(C:\Users\milton\Documents\???? ???????.doc) -- C:\Users\milton\Documents\טיסה לניאגרה.doc
[2008/03/17 15:37:42 | 000,251,082 | ---- | M] ()(C:\Users\milton\Documents\?????? ????.pdf) -- C:\Users\milton\Documents\כרטיסי טיסה.pdf
[2008/03/17 15:36:03 | 000,251,082 | ---- | C] ()(C:\Users\milton\Documents\?????? ????.pdf) -- C:\Users\milton\Documents\כרטיסי טיסה.pdf

========== Alternate Data Streams ==========

@Alternate Data Stream - 216952 bytes -> C:\Users\milton\Desktop\David Bar Mitzah 2009_05_03_11_44_30.avi:TOC.WMV
@Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:D4810DBE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:01C66DD9
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:9638A27E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C671BC00

< End of report >
  • 0

Advertisements


#2
tom982

tom982

    Member 1K

  • Member
  • PipPipPipPip
  • 1,183 posts
Hello mbk123 and :welcome:

My name is Tom and I am going to be helping you with your malware removal. Please note that as I am currently still in training, all of my posts have to be approved by my instructor prior to me posting them.

Before we continue, I would like you to read the following text:

  • Some of my instructions may be carried out in safe mode, where you will not have access to GeeksToGo, I suggest you save or print my instructions for later reference
  • Please do not attach your logs to your post, instead I would like you to copy and paste the contents into your post
  • Please do NOT use any other tools, fixes or scripts unless instructed to do so by myself. Not only could this damage your system, but it will make it harder for me to fix your problem
  • If you do not understand any of my instructions, then feel free to ask me and I will explain in further detail
  • Please be patient. Malware removal is a long process and requires many steps, if you stick with me, I'll help you get through this
  • Stay with me until I deem your computer clean. A lack of symptoms does not always mean that the system is clean
  • Please make sure you have read and understood my instructions before continuing with them, spelling errors in the scripts etc. could cause adverse effects to your system
  • If you do not hear a reply from me in 36 hours, then simply post "bump" on the thread
  • Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed

I have submitted my fix to my instructor and will get back to you as soon as possible.

Tom
  • 0

#3
tom982

tom982

    Member 1K

  • Member
  • PipPipPipPip
  • 1,183 posts
Hi mbk123,

OTL Fix

  • Run OTL.
  • Copy (Ctrl+C) and Paste (Ctrl+V) all of the following text into the Custom Scans/Fixes box:


    :Commands
    [CreateRestorePoint]
    
    :OTL
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...me=true&tid=114
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...=114&bs=true&q=
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...=114&bs=true&q=
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...me=true&tid=114
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...me=true&tid=114
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.certif...q={searchTerms}
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...me=true&tid=114
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...=114&bs=true&q=
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...=114&bs=true&q=
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...me=true&tid=114
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...me=true&tid=114
    IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
    FF - prefs.js..browser.search.defaultenginename: "Web Search"
    FF - prefs.js..browser.search.selectedEngine: "Web Search"
    FF - prefs.js..browser.startup.homepage: "http://search.certified-toolbar.com?si=39033&home=true&tid=114"
    FF - prefs.js..browser.search.defaultengine: "Web Search"
    FF - prefs.js..browser.search.order.1: "Web Search"
    FF - prefs.js..browser.search.useDBForOrder: false
    FF - prefs.js..browser.startup.homepage: "http://search.certified-toolbar.com?si=39033&home=true&tid=114"
    FF - prefs.js..keyword.URL: "http://search.certified-toolbar.com?si=39033&tid=114&bs=true&q="
    FF - user.js - File not found
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013/04/10 14:42:09 | 000,000,000 | ---D | M]
    [2013/01/12 01:15:02 | 000,000,000 | ---D | M] (CertifiedToolbar) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\{4e33ede2-c592-400f-a22b-5ae82f77d951}
    [2013/04/10 14:42:12 | 000,000,000 | ---D | M] (GetSavin) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\[email protected]
    [2013/01/12 01:15:02 | 000,000,000 | ---D | M] (CertifiedToolbar) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions\{4e33ede2-c592-400f-a22b-5ae82f77d951}
    [2012/03/12 08:43:51 | 000,255,045 | ---- | M] () (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\[email protected]
    [2013/01/12 01:14:54 | 000,003,267 | ---- | M] () -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\searchplugins\Web Search.xml
    [2013/04/10 14:42:09 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
    [2013/01/12 01:14:54 | 000,003,267 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
    CHR - Extension: InfoAtoms = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk\1.6.0.1_0\
    O2 - BHO: (GetSavin 5.0) - {05F84B9D-D1B9-463D-990D-7A13C7380793} - C:\Users\milton\AppData\Local\getsavin\ie\getsavin_1365619201.dll ()
    [2013/01/12 01:14:59 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
    
    :Files
    C:\Users\milton\AppData\Local\getsavin
    
    :Commands
    [EMPTYTEMP]

  • Click the Run Fix button.
  • After your computer has rebooted, run OTL and click Quick Scan.
  • Copy and paste the contents of the log that it produces into your next post.

AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1


  • Right-click on AdwCleaner.exe and select Run as administrator.
  • Click the Delete button.
  • Upon completion of the scan, a report will open.
  • When it asks you to reboot, click OK.
  • After you have rebooted, the log should appear. Please Copy (Ctrl + C) and Paste (Ctrl + V) this into your next post.

Note: The log can also be found on here: C:\AdwCleaner[R1].txt.


Do you know what these files are?

C:\Users\milton\Documents\טיסה לניאגרה.doc
C:\Users\milton\Documents\טיסה לניאגרה.doc
C:\Users\milton\Documents\כרטיסי טיסה.pdf
C:\Users\milton\Documents\כרטיסי טיסה.pdf

I would also like to know how your computer is performing after running this fix please :)

Can you post the additional log please?

C:\Users\milton\Downloads\Extras.txt

Tom
  • 0

#4
mbk123

mbk123

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Tom,

Do you want me to do all this straight thru or do you want the fresh log from OTL before I do the AdwCleaner part? I'm also a bit confused with the adwcleaner part. Are you wanting me to download it then delete it?? When I went to download it in explorer I get plenty of popups telling me that this isn't something normally downloaded and it went red in my download popup.


Click the Run Fix button.
After your computer has rebooted, run OTL and click Quick Scan.
Copy and paste the contents of the log that it produces into your next post.


AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1



Right-click on AdwCleaner.exe and select Run as administrator.

Click the Delete button.

Upon completion of the scan, a report will open.

When it asks you to reboot, click OK.

After you have rebooted, the log should appear. Please Copy (Ctrl + C) and Paste (Ctrl + V) this into your next post.


Note: The log can also be found on here: C:\AdwCleaner[R1].txt.


Do you know what these files are?
(these files are documents from Israel, hence the Hebrew letters)
  • 0

#5
mbk123

mbk123

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Here you go Tom. I didn't do the adwcleaner yet. Waiting on clarification.


OTL logfile created on: 6/8/2013 8:44:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\milton\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.99 Gb Total Physical Memory | 11.59 Gb Available Physical Memory | 72.47% Memory free
63.96 Gb Paging File | 58.90 Gb Available in Paging File | 92.08% Paging File free
Paging file location(s): c:\pagefile.sys 0 0f:\pagefile.sy [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.63 Gb Total Space | 264.82 Gb Free Space | 28.73% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 145.45 Gb Free Space | 31.23% Space Free | Partition Type: NTFS
Drive H: | 465.75 Gb Total Space | 79.49 Gb Free Space | 17.07% Space Free | Partition Type: NTFS
Drive N: | 2048.00 Gb Total Space | 1425.79 Gb Free Space | 69.62% Space Free | Partition Type: NTFS
Drive Q: | 2048.00 Gb Total Space | 1425.79 Gb Free Space | 69.62% Space Free | Partition Type: NTFS
Drive S: | 2048.00 Gb Total Space | 1418.01 Gb Free Space | 69.24% Space Free | Partition Type: NTFS
Drive T: | 2048.00 Gb Total Space | 1418.01 Gb Free Space | 69.24% Space Free | Partition Type: NTFS
Drive Y: | 2048.00 Gb Total Space | 1418.01 Gb Free Space | 69.24% Space Free | Partition Type: NTFS

Computer Name: FLASH | User Name: milton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/08 20:42:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\milton\Desktop\OTL.exe
PRC - [2013/05/24 20:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\milton\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/22 17:46:08 | 001,089,888 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2013/05/20 16:53:28 | 001,226,928 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013/05/20 16:53:28 | 001,015,984 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 16:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/04/05 12:59:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/04/05 12:58:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/15 01:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/03/14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/01/28 14:08:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/11/12 19:26:56 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Program Files\CrashPlan\CrashPlanTray.exe
PRC - [2012/10/28 18:06:18 | 000,932,528 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/09/06 06:44:30 | 000,766,792 | ---- | M] () -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
PRC - [2012/09/06 06:44:30 | 000,279,368 | ---- | M] () -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
PRC - [2012/09/06 06:44:28 | 001,131,336 | ---- | M] (PacketVideo) -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
PRC - [2012/08/01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2012/07/18 22:07:06 | 000,310,232 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2011/10/12 23:11:34 | 002,068,856 | ---- | M] (Flexera Software LLC.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2011/10/12 23:11:32 | 001,446,264 | ---- | M] (Flexera Software LLC.) -- C:\ProgramData\FLEXnet\Connect\11\agent.exe
PRC - [2011/09/22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2011/07/11 05:13:26 | 000,786,040 | ---- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit\fitbit.exe
PRC - [2011/06/17 11:01:56 | 000,353,728 | ---- | M] (Cyber Power Systems, Inc.) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
PRC - [2011/05/28 04:22:00 | 001,811,784 | ---- | M] (Actual Tools) -- C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter.exe
PRC - [2011/05/06 12:46:50 | 000,368,128 | ---- | M] () -- C:\Program Files (x86)\Polar\Daemon\polard.exe
PRC - [2011/04/22 17:28:46 | 001,081,344 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
PRC - [2011/04/15 13:14:54 | 005,492,736 | ---- | M] () -- C:\Program Files (x86)\Drobo\Drobo Dashboard\DroboDashboard.exe
PRC - [2011/04/15 13:14:54 | 000,749,568 | ---- | M] (Data Robotics, Inc.) -- C:\Program Files (x86)\Drobo\Drobo Dashboard\Support\DDService.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/01 06:54:42 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2011/02/01 06:54:30 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
PRC - [2011/01/19 12:36:30 | 000,077,824 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe
PRC - [2010/09/15 16:01:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
PRC - [2010/06/18 17:02:20 | 001,423,520 | ---- | M] () -- C:\Program Files (x86)\No-IP\DUC30.exe
PRC - [2010/06/10 14:42:44 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/25 09:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2009/09/30 10:07:34 | 000,086,016 | ---- | M] (PFU LIMITED) -- C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
PRC - [2008/12/10 20:33:06 | 000,353,976 | ---- | M] (X1 Technologies, Inc.) -- C:\Program Files (x86)\X1\X1Systray.exe
PRC - [2008/12/10 20:33:04 | 000,370,360 | ---- | M] () -- C:\Program Files (x86)\X1\X1FileMonitor.exe
PRC - [2005/06/08 16:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 15:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Video\FxSvr2.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/08 20:31:57 | 000,128,512 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\_elementtree.pyd
MOD - [2013/06/08 20:31:56 | 000,098,816 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32api.pyd
MOD - [2013/06/08 20:31:56 | 000,044,032 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\_socket.pyd
MOD - [2013/06/08 20:31:55 | 000,557,056 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\pysqlite2._sqlite.pyd
MOD - [2013/06/08 20:31:55 | 000,320,512 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32com.shell.shell.pyd
MOD - [2013/06/08 20:31:55 | 000,026,624 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\_multiprocessing.pyd
MOD - [2013/06/08 20:31:55 | 000,022,528 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32ts.pyd
MOD - [2013/06/08 20:31:54 | 000,070,656 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\wx._html2.pyd
MOD - [2013/06/08 20:31:53 | 001,022,416 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\windows._cacheinvalidation.pyd
MOD - [2013/06/08 20:31:53 | 000,805,888 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\wx._gdi_.pyd
MOD - [2013/06/08 20:31:53 | 000,011,264 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32crypt.pyd
MOD - [2013/06/08 20:31:52 | 000,735,232 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\wx._misc_.pyd
MOD - [2013/06/08 20:31:52 | 000,364,544 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\pythoncom27.dll
MOD - [2013/06/08 20:31:52 | 000,087,040 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\_ctypes.pyd
MOD - [2013/06/08 20:31:52 | 000,017,408 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32profile.pyd
MOD - [2013/06/08 20:31:51 | 001,175,040 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\wx._core_.pyd
MOD - [2013/06/08 20:31:51 | 000,110,080 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\PyWinTypes27.dll
MOD - [2013/06/08 20:31:51 | 000,108,544 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32security.pyd
MOD - [2013/06/08 20:31:50 | 001,153,024 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\_ssl.pyd
MOD - [2013/06/08 20:31:49 | 000,025,600 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32pdh.pyd
MOD - [2013/06/08 20:31:48 | 000,811,008 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\wx._windows_.pyd
MOD - [2013/06/08 20:31:48 | 000,711,680 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\_hashlib.pyd
MOD - [2013/06/08 20:31:48 | 000,035,840 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32process.pyd
MOD - [2013/06/08 20:31:47 | 000,122,368 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\wx._wizard.pyd
MOD - [2013/06/08 20:31:47 | 000,119,808 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32file.pyd
MOD - [2013/06/08 20:31:46 | 000,038,912 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32inet.pyd
MOD - [2013/06/08 20:31:45 | 001,062,400 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\wx._controls_.pyd
MOD - [2013/06/08 20:31:45 | 000,686,080 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\unicodedata.pyd
MOD - [2013/06/08 20:31:45 | 000,127,488 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\pyexpat.pyd
MOD - [2013/06/08 20:31:45 | 000,018,432 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\win32event.pyd
MOD - [2013/06/08 20:31:44 | 000,010,240 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI35722\select.pyd
MOD - [2013/05/29 01:27:38 | 000,393,168 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll
MOD - [2013/05/29 01:27:35 | 004,051,408 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/29 01:26:40 | 000,599,504 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\libglesv2.dll
MOD - [2013/05/29 01:26:39 | 000,124,368 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\libegl.dll
MOD - [2013/05/29 01:26:36 | 001,597,392 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/05/20 16:53:28 | 000,158,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\SiteSafety.dll
MOD - [2013/05/15 03:12:17 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/15 03:11:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/04/23 09:35:23 | 006,124,032 | ---- | M] () -- C:\Users\milton\AppData\LocalLow\LastPass\LPPlugin.dll
MOD - [2013/04/15 10:17:45 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013/04/15 10:12:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/04/15 10:11:08 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/04/15 10:10:40 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/04/15 10:10:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/04/15 10:10:20 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/03/13 16:48:52 | 024,978,944 | ---- | M] () -- C:\Users\milton\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/13 19:32:50 | 003,558,400 | ---- | M] () -- C:\Users\milton\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/10/28 18:06:18 | 000,932,528 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012/09/08 13:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012/09/08 13:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2011/07/27 11:41:34 | 000,453,000 | ---- | M] () -- C:\Program Files\MiMedia LLC\MiMedia\sqlite3.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/15 13:14:54 | 005,492,736 | ---- | M] () -- C:\Program Files (x86)\Drobo\Drobo Dashboard\DroboDashboard.exe
MOD - [2011/04/08 13:53:48 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsConfig.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/03/16 15:30:58 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsExtention.dll
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/08/24 16:56:50 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dll
MOD - [2010/06/18 17:02:20 | 001,423,520 | ---- | M] () -- C:\Program Files (x86)\No-IP\DUC30.exe
MOD - [2009/02/27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/12/10 20:33:04 | 000,370,360 | ---- | M] () -- C:\Program Files (x86)\X1\X1FileMonitor.exe
MOD - [2008/11/12 15:32:30 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardPath.dll
MOD - [2003/03/26 18:46:36 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/11/12 19:28:39 | 000,222,720 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/09/22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/07/07 08:49:42 | 000,376,352 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2011/04/11 14:44:46 | 000,171,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/08/17 13:01:44 | 000,099,176 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/07 19:29:34 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/06/07 19:29:27 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/05/20 16:53:28 | 001,015,984 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe -- (vToolbarUpdater15.2.0)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/05 20:25:30 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/15 01:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/03/14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/10/10 20:01:47 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/06 06:44:30 | 000,766,792 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe -- (TwonkyProxy)
SRV - [2012/09/06 06:44:30 | 000,279,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe -- (TwonkyWebDav)
SRV - [2012/08/03 16:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2012/07/18 22:07:06 | 000,310,232 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2011/11/10 09:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/08/10 15:35:20 | 000,227,184 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/07/11 05:13:26 | 000,786,040 | ---- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fitbit\fitbit.exe -- (Fitbit)
SRV - [2011/06/17 11:02:10 | 001,000,896 | ---- | M] (Cyber Power Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe -- (ppped)
SRV - [2011/05/06 12:46:50 | 000,368,128 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Polar\Daemon\polard.exe -- (Polar Daemon)
SRV - [2011/04/15 13:14:54 | 000,749,568 | ---- | M] (Data Robotics, Inc.) [Auto | Running] -- C:\Program Files (x86)\Drobo\Drobo Dashboard\Support\DDService.exe -- (DDService)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2011/02/01 06:54:46 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm)
SRV - [2011/02/01 06:54:42 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm)
SRV - [2010/11/08 13:04:18 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/11/05 09:21:46 | 000,221,184 | ---- | M] (Visioneer Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe -- (OneTouch 4.0 Monitor)
SRV - [2010/09/15 16:01:20 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe -- (BRA_Scheduler)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/25 09:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/09/09 17:31:34 | 000,090,296 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files (x86)\CA\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2009/08/27 19:21:32 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2009/08/24 21:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\DfSdkS.exe -- (DfSdkS)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/04/18 02:00:00 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE -- (EPSON_PM_RPCV4_01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/07 19:29:27 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/05/20 16:53:28 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/05 20:14:02 | 000,276,256 | ---- | M] (Digiarty Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DigiartyVirtualCDBus.sys -- (DigiartyVirtualCDBus)
DRV:64bit: - [2013/02/22 07:32:08 | 000,160,256 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/02 16:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/11/01 22:52:50 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/01 20:03:58 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/08/19 11:01:33 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2011/08/09 15:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011/08/04 10:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011/08/04 10:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011/08/04 10:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011/08/04 10:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011/07/07 08:34:08 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2011/05/04 17:20:32 | 000,340,656 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2011/04/30 04:34:56 | 000,016,384 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiUSBXp.sys -- (SIUSBXP)
DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/04/04 14:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/03/31 14:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2010/12/16 18:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/20 15:13:28 | 000,034,840 | ---- | M] (Colasoft Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSN5PDTS82x64.sys -- (CSN5PDTS82x64)
DRV:64bit: - [2010/04/11 18:24:08 | 000,014,976 | ---- | M] (MaxiVista) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mvCmdemo.SYS -- (mvCmdemo)
DRV:64bit: - [2010/04/11 18:24:06 | 000,013,440 | ---- | M] (MaxiVista) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mvvideodemo.sys -- (mvvideodemo)
DRV:64bit: - [2010/04/07 12:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2010/04/01 14:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/02/24 14:12:34 | 000,028,528 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2009/10/21 03:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/08/09 17:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/08/07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\WNt500x64\sandra.sys -- (SANDRA)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/08 11:56:26 | 000,053,632 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motodrv.sys -- (MotDev)
DRV:64bit: - [2009/01/29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008/08/11 13:40:58 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2008/08/11 13:40:32 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2008/02/13 17:20:16 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Amusbx64.sys -- (Amusbprt)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2007/10/15 12:37:22 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Amfltx64.sys -- (Amfilter)
DRV:64bit: - [2007/04/19 08:55:50 | 000,029,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2007/04/19 08:55:50 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2007/04/19 08:55:50 | 000,016,896 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007/02/03 10:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/02/03 10:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64)
DRV - [2013/05/27 19:29:36 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2011/08/19 11:01:33 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/12/18 11:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/10/26 12:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.powerspec.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{3CC7BB73-B52A-4E2B-98F9-599C5ECF6A09}: "URL" = http://www.google.co...1I7GZAZ_enUS352
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-02-23 09:23:49&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = https://isearch.avg....fr&d=2012-02-23 09:23:49&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.certif...e=true&tid=114"
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://search.certif...e=true&tid=114"
FF - prefs.js..keyword.URL: "http://search.certif...114&bs=true&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@EDVR/WebClient: C:\windows\system32\WebClient\npwebclient.dll (Google)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\milton\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\nuance.com/DragonRIAPlugin: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\milton\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\milton\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\milton\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\milton\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\milton\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\milton\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\milton\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\plugin\FFExtensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2012/09/19 07:45:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.2.14 File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012/07/18 21:54:16 | 000,136,026 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/30 11:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/18 18:43:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/11/30 11:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/02/09 12:56:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\milton\AppData\Roaming\Move Networks [2013/02/16 05:45:35 | 000,000,000 | ---D | M]

[2012/03/12 08:42:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Extensions
[2013/06/08 20:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions
[2013/06/08 20:29:29 | 000,000,000 | ---D | M] (GetSavin) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\[email protected]
[2013/04/23 09:35:26 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\[email protected]
[2013/06/08 20:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions
[2009/10/24 15:56:12 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions\[email protected]
[2013/04/23 09:35:27 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions\[email protected]
[2013/04/10 14:42:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/06/08 20:28:19 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/02/16 10:40:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npyaxmpb.dll
[2013/05/20 16:53:57 | 000,003,716 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/16 06:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/16 06:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: NPLastPass (Enabled) = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.7_0\nplastpass.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\milton\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\milton\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\milton\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\milton\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\milton\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\milton\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\milton\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\milton\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Gadget Runner = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbfiejepbnaphfnbaakjibbbechdhhf\1.3_0\
CHR - Extension: Google Drive = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Bookmark Sentry = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga\1.7.13_0\
CHR - Extension: YouTube = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Honey = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj\2.0.2.4_0\
CHR - Extension: Google Search = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: Facebook Ads Blocker = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\eommhojjeeaapcofdjleiamnokcfdnna\1.1.0_0\
CHR - Extension: Facebook for Chrome = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\6.2.4_0\
CHR - Extension: Stopwatch = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh\3.6_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: TweetDeck = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.0.0_0\
CHR - Extension: LastPass = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.25_0\
CHR - Extension: SuperSorter = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij\0.4.3_0\
CHR - Extension: News Ticker Remover for Facebook = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbogeebjloglncnccgemjfedfhobfak\1.5_0\
CHR - Extension: Social Fixer = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipjaijdkhejnbfpodmofannadgfokfnm\7.501_0\
CHR - Extension: AVG Safe Search = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: Any.DO = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem\1.0.3.3_0\
CHR - Extension: Google Mail Checker = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Dragon NaturallySpeaking Rich Internet Application Support = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn\1.0_0\
CHR - Extension: GetSavin = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl\5.0_0\
CHR - Extension: Print = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiefodmmloajakmcfnpnjpkldellhlj\1.1_0\
CHR - Extension: Popup my Bookmarks = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppflflkbbafeopeoeigkbbdjdbeifni\1.6.0.206_0\
CHR - Extension: AVG Security Toolbar = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.2.0.5_0\
CHR - Extension: LogMeIn = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgnihglilniboicepgjclfiageofdfj\1.0.0.1007_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Open Bookmark Manager = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalceheiomajabalbakkoeiheiokhdbd\1.3_0\
CHR - Extension: imo messenger = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi\1.4.1_0\
CHR - Extension: Picasa = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Evernote Web Clipper = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.9.15_0\
CHR - Extension: Gmail = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: 3D Tennis = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjpokfkdchapbkfpkmeiebmlfafbljla\4.0.0_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Dragon NaturallySpeaking Rich Internet Application Support - Extension) - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieshim.dll (Nuance Communications, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files (x86)\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software LLC.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files (x86)\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files (x86)\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [OneTouch Monitor] C:\Program Files (x86)\Visioneer OneTouch\OneTouchMon.exe (Visioneer Inc)
O4 - HKLM..\Run: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe (Cyber Power Systems, Inc.)
O4 - HKLM..\Run: [ScanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe (PFU LIMITED)
O4 - HKLM..\Run: [VERIZONDM] C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe (AVG Secure Search)
O4 - HKCU..\Run: [Actual Window Manager] C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter.exe (Actual Tools)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\milton\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Flexera Software LLC.)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files (x86)\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [X1FileMonitor.exe] C:\Program Files (x86)\X1\X1FileMonitor.exe ()
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\milton\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\No-IP DUC.lnk = C:\Program Files (x86)\No-IP\DUC30.exe ()
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twonky 7.1.lnk = C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\X1 System Tray.lnk = C:\Program Files (x86)\X1\X1Systray.exe (X1 Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: LastPass - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcp...ls/pctuneup.cab (VersionControl Class)
O16 - DPF: {12193C65-F0E1-4DD1-AD4E-DB73C6911011} file:///D:/activeX/DCP.cab (DCPForm Control 1.0.1.1)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanne...yerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {1DC4A509-9C17-4538-B5AA-DB0BA27ED400} http://kkom.cable-mo...in/WebViewS.cab (Hybrid WebView)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7191F0AC-D686-46A8-BFCC-EA61778C74DD} file:///D:/activeX/aplugLiteDL.cab (Gif89 Lite +Audio Class)
O16 - DPF: {7451D317-862C-45DA-8C28-1B21ADF95877} http://kkom.cable-mo...rg/WebViewS.cab (Hybrid WebView)
O16 - DPF: {7FA319FB-FFB9-4089-87EB-63179244E6E6} https://ssl.verizonb...e/NetDirect.cab (NetDirect)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8BE5651C-D60B-4B59-B5B2-F0EB93733D17} https://www36.verizo...VoiceVMUtil.CAB (IOBIVMUtil.VMDecoder)
O16 - DPF: {9B479D7B-916A-45B0-B042-D42865A60E21} http://gessingirls.d....org/DvrOcx.cab (DvrOcx Control)
O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} http://kkom.cable-mo...0/WebClient.exe (WebClient Control)
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} http://utilities.pcp...ols/pcmatic.cab (PCMaticVer Class)
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} http://gold.cable-mo...hecker_8300.cab (OCXDownloadChecker Control)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DCBF889B-422B-4AA0-9914-D5045A103758} http://kkom.cable-modem.org/WebRPB.cab (WebRPB Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: {FEC048AB-277A-460C-BF50-1A4193AEF148} http://gold.cable-mo...Center_8300.cab (DownloadCenter Control)
O16 - DPF: vzTCPConfig http://my.verizon.co...vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12C640E8-6904-4A58-B005-807F1CF6E075}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/milton/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{359e67f0-a307-11df-8bb8-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{359e67f0-a307-11df-8bb8-001cc0f1a963}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{6dcbbcdb-d783-11df-b51b-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{6dcbbcdb-d783-11df-b51b-001cc0f1a963}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{87222e2a-f1e8-11e0-9a2d-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{87222e2a-f1e8-11e0-9a2d-001cc0f1a963}\Shell\AutoRun\command - "" = O:\setup.exe -a
O33 - MountPoints2\{d6fb706d-533f-11e1-b6eb-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{d6fb706d-533f-11e1-b6eb-001cc0f1a963}\Shell\AutoRun\command - "" = O:\MotoCastSetup.exe -a
O33 - MountPoints2\{e21743c0-7c57-11e1-ad8a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e21743c0-7c57-11e1-ad8a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{ed211dfc-1375-11e2-8391-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{ed211dfc-1375-11e2-8391-001cc0f1a963}\Shell\AutoRun\command - "" = M:\MotoCastSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/08 20:42:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\milton\Desktop\OTL.exe
[2013/06/08 20:39:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2013/06/08 20:21:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/03 20:44:35 | 000,000,000 | ---D | C] -- C:\Users\milton\AppData\Local\{29C8938C-21C7-4F57-ACF6-910B535CEC77}
[2013/05/31 22:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\[email protected] KillDisk
[2013/05/25 16:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2013/05/11 20:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 12.0
[2013/05/11 20:20:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IVA
[2013/05/11 20:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nuance
[2013/05/11 20:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2013/05/11 19:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\Newshosting
[2013/05/11 19:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Newshosting
[2013/04/23 09:35:25 | 014,880,256 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2003/06/06 05:42:33 | 004,499,612 | ---- | C] (Canon Inc. ) -- C:\Users\milton\setup.exe
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Users\milton\Documents\*.tmp files -> C:\Users\milton\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2099/01/01 12:00:00 | 354,713,599 | ---- | M] () -- C:\Users\milton\Desktop\babelfish-rosettaa.iso
[2013/06/08 20:58:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001UA.job
[2013/06/08 20:54:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/08 20:47:10 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/08 20:47:09 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/08 20:44:47 | 000,648,201 | ---- | M] () -- C:\Users\milton\Desktop\adwcleaner.exe
[2013/06/08 20:42:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\milton\Desktop\OTL.exe
[2013/06/08 20:38:39 | 000,001,047 | ---- | M] () -- C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/06/08 20:37:47 | 000,001,017 | ---- | M] () -- C:\Users\milton\Desktop\Dropbox.lnk
[2013/06/08 20:34:22 | 000,008,994 | ---- | M] () -- C:\Windows\SysNative\.lck
[2013/06/08 20:34:21 | 000,024,332 | ---- | M] () -- C:\Windows\SysNative\.rsp
[2013/06/08 20:30:20 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/06/08 20:29:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/08 20:29:29 | 4287,385,598 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/08 20:21:27 | 000,001,024 | ---- | M] () -- C:\Windows\BRCALIB.INI
[2013/06/08 19:29:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/08 18:46:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001UA.job
[2013/06/08 13:19:18 | 000,000,135 | ---- | M] () -- C:\Windows\multiview.ini
[2013/06/08 09:46:06 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001Core.job
[2013/06/08 00:07:07 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001Core.job
[2013/06/07 19:29:27 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013/06/07 19:29:27 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013/06/07 19:29:27 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2013/06/06 20:18:08 | 000,000,000 | ---- | M] () -- C:\Users\milton\AppData\Local\prvlcl.dat
[2013/06/03 20:44:29 | 000,783,394 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/03 20:44:29 | 000,663,238 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/03 20:44:29 | 000,122,106 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/01 11:45:52 | 011,862,016 | ---- | M] () -- C:\ProgramData\sandra.mda
[2013/05/27 19:29:24 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll.001.bak
[2013/05/27 19:29:23 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll.000.bak
[2013/05/25 03:09:10 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/05/25 03:09:06 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/05/20 16:53:28 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/05/15 04:52:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/15 04:51:59 | 000,420,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/12 21:21:06 | 000,003,675 | ---- | M] () -- C:\Users\milton\AppData\Roaming\SAS7_000.DAT
[2013/05/11 20:21:11 | 000,002,871 | ---- | M] () -- C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.0.lnk
[2013/05/11 19:42:11 | 000,001,921 | ---- | M] () -- C:\Users\Public\Desktop\Newshosting Downloads.lnk
[2013/05/11 19:42:11 | 000,000,974 | ---- | M] () -- C:\Users\Public\Desktop\Newshosting.lnk
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Users\milton\Documents\*.tmp files -> C:\Users\milton\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/08 20:44:47 | 000,648,201 | ---- | C] () -- C:\Users\milton\Desktop\adwcleaner.exe
[2013/06/03 08:07:36 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/05/25 03:09:10 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/05/25 03:09:06 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/05/12 21:21:06 | 000,003,675 | ---- | C] () -- C:\Users\milton\AppData\Roaming\SAS7_000.DAT
[2013/05/11 20:21:11 | 000,002,871 | ---- | C] () -- C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.0.lnk
[2013/05/11 19:42:11 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\Newshosting Downloads.lnk
[2013/05/11 19:42:11 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\Newshosting.lnk
[2013/03/31 15:48:10 | 000,000,182 | ---- | C] () -- C:\Users\milton\.packettracer
[2013/01/17 18:42:31 | 000,000,080 | ---- | C] () -- C:\Windows\SysWow64\BRDH4150CDN.DAT
[2013/01/17 16:18:28 | 000,001,024 | ---- | C] () -- C:\Windows\BRCALIB.INI
[2012/11/26 18:37:35 | 000,000,000 | ---- | C] () -- C:\Users\milton\AppData\Local\prvlcl.dat
[2012/03/15 17:35:26 | 000,000,161 | ---- | C] () -- C:\Windows\DISPARAM.INI
[2012/02/14 11:07:54 | 000,000,022 | ---- | C] () -- C:\Windows\BMUpdate.ini
[2011/09/29 12:27:23 | 000,013,030 | ---- | C] () -- C:\ProgramData\PDOXUSRS.NET
[2011/09/15 10:40:12 | 000,000,106 | ---- | C] () -- C:\Windows\VaultMediaClient.INI
[2011/08/11 22:56:39 | 000,000,660 | ---- | C] () -- C:\Windows\SysWow64\sys32dlkb.dll
[2011/08/04 13:46:54 | 000,110,456 | ---- | C] () -- C:\Users\milton\g2ax_customer_downloadhelper_win32_x86.exe
[2011/07/27 16:49:10 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/06/27 16:23:20 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/03/28 14:28:44 | 000,213,187 | ---- | C] () -- C:\Users\milton\AppData\Roaming\MMUpgrade.jpg
[2011/01/15 16:16:22 | 000,112,640 | ---- | C] () -- C:\Users\milton\AppData\Roaming\chrtmp
[2011/01/11 19:55:23 | 000,060,928 | ---- | C] () -- C:\Users\milton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/26 17:36:54 | 000,000,197 | ---- | C] () -- C:\Users\milton\RmUserCfg.ini
[2010/07/30 11:28:50 | 000,000,026 | ---- | C] () -- C:\Users\milton\AppData\Local\boot.dat
[2010/06/21 09:12:33 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010/04/14 07:14:26 | 000,000,218 | ---- | C] () -- C:\Users\milton\.recently-used.xbel
[2010/02/01 12:06:28 | 000,000,355 | ---- | C] () -- C:\Users\milton\Computer - Shortcut.lnk
[2009/11/17 11:42:24 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009/11/16 18:11:17 | 000,007,643 | ---- | C] () -- C:\Users\milton\AppData\Local\resmon.resmoncfg
[2009/11/05 23:47:40 | 000,000,980 | ---- | C] () -- C:\Users\milton\AppData\Local\7F68A003.il
[2009/11/05 23:47:40 | 000,000,448 | ---- | C] () -- C:\Users\milton\AppData\Local\IndexIE_7F68A003.il
[2009/10/25 13:21:54 | 011,862,016 | ---- | C] () -- C:\ProgramData\sandra.mda
[2009/06/19 07:53:35 | 000,000,581 | ---- | C] () -- C:\Users\milton\.hawkscope.properties
[2009/04/28 12:37:29 | 000,031,202 | ---- | C] () -- C:\Users\milton\parenting.jpg
[2008/12/09 18:11:59 | 000,031,364 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD2-SAPHiRE.srt
[2008/12/09 18:11:59 | 000,000,419 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD2-SAPHiRE.srt.style
[2008/12/09 18:11:21 | 000,045,152 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD1-SAPHiRE.srt
[2008/12/09 18:11:21 | 000,000,419 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD1-SAPHiRE.srt.style
[2008/12/09 18:02:31 | 731,879,424 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD1-SAPHiRE.avi
[2008/05/20 08:07:55 | 000,000,256 | ---- | C] () -- C:\Users\milton\pool.bin
[2008/04/24 09:08:28 | 000,103,784 | ---- | C] () -- C:\Users\milton\GoToAssistDownloadHelper.exe
[2007/08/24 13:18:08 | 000,000,124 | ---- | C] () -- C:\Users\milton\default.pls
[2003/06/06 05:42:34 | 000,152,064 | ---- | C] () -- C:\Users\milton\1031.mst
[2003/06/06 05:42:34 | 000,125,952 | ---- | C] () -- C:\Users\milton\1033.mst
[2003/06/06 05:42:33 | 025,509,672 | ---- | C] () -- C:\Users\milton\Data1.cab
[2003/06/06 05:42:33 | 003,126,272 | ---- | C] () -- C:\Users\milton\DV Network Software.msi
[2003/06/06 05:42:33 | 000,160,768 | ---- | C] () -- C:\Users\milton\1040.mst
[2003/06/06 05:42:33 | 000,160,256 | ---- | C] () -- C:\Users\milton\1034.mst
[2003/06/06 05:42:33 | 000,158,208 | ---- | C] () -- C:\Users\milton\1036.mst

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/05/18 19:34:48 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\.minecraft
[2013/01/05 10:54:01 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\.oit
[2012/08/29 08:24:32 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\.purple
[2010/03/12 09:57:06 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\1&1
[2012/02/08 10:47:52 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ACD Systems
[2009/11/04 07:50:41 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Actual Tools
[2013/01/10 09:39:21 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\aignes
[2010/01/07 09:16:49 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Apowersoft
[2011/03/29 11:48:48 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Ashampoo
[2010/03/23 13:39:42 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Astroburn Lite
[2011/06/16 11:01:02 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ASUS
[2011/06/16 11:01:09 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ASUS WebStorage
[2011/06/16 11:18:45 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ASUS.AF361EFD06694D11175EA8BF6E21597A36AD9F1D.1
[2011/07/20 08:45:58 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\AVG10
[2013/01/12 01:15:04 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\AviDvdBurner
[2012/04/15 12:34:47 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\BDlot
[2013/05/11 20:12:21 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\BitTorrent
[2011/07/27 16:49:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Broken Rules
[2009/12/30 09:40:56 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\CasinoOnNet
[2011/09/29 12:38:22 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Colasoft Capsa 7.4 - Free Edition
[2011/09/29 12:38:23 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Colasoft MAC Scanner
[2010/01/09 10:13:37 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\CompanionLink
[2013/01/28 09:20:12 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\CrashPlan
[2011/07/27 14:37:35 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Crayon Physics Deluxe
[2009/10/24 00:28:43 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\DAEMON Tools Lite
[2012/01/06 12:48:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Digiarty
[2011/10/17 09:27:03 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\DlinkViewCam
[2013/06/08 20:42:29 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Dropbox
[2011/09/13 17:19:23 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\DVD Catalyst 4
[2011/06/16 10:59:15 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\eCareme
[2012/02/14 11:12:43 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\EPSON
[2010/02/10 09:33:16 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ESET
[2010/03/08 12:41:51 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Facebook
[2013/01/05 17:11:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\FileZilla
[2011/03/11 12:20:09 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\FreshDiagnose
[2012/03/15 17:47:37 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Fujitsu
[2011/04/09 20:48:46 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\GARMIN
[2010/07/31 14:54:43 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Genie-Soft
[2010/01/07 00:39:31 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\GrabPro
[2010/04/12 08:58:28 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\gtk-2.0
[2010/04/29 11:18:13 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\HandBrake
[2011/08/23 20:38:52 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\InfraRecorder
[2011/01/17 10:32:54 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\JAM Software
[2011/08/03 20:41:41 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Lazy 8 Studios
[2009/10/24 00:23:29 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Leadertech
[2012/08/15 08:18:05 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\mjusbsp
[2012/09/07 08:25:30 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Newshosting
[2011/09/08 08:41:26 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\NewsLeecher
[2012/02/13 08:41:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Nolo
[2013/05/11 20:21:56 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Nuance
[2010/09/01 17:15:57 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\NUUO
[2010/02/01 18:00:03 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Orbit
[2011/06/16 11:18:50 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Outlook
[2010/09/28 11:04:43 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Passware
[2011/08/15 10:41:52 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\PCPitstop
[2012/03/15 17:49:27 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\PFU
[2011/07/11 21:10:25 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Polar WebSync
[2010/05/21 08:27:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\ProcessLasso
[2010/06/21 09:24:17 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Soluto
[2013/05/11 19:40:11 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Spotify
[2011/12/28 12:12:53 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Stardock
[2011/07/31 15:53:06 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\SystemRequirementsLab
[2013/06/08 20:43:05 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\TeraCopy
[2012/10/19 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Thunderbird
[2010/11/09 21:24:30 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\tidysongs16
[2009/11/25 09:52:53 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\TrueCrypt
[2013/06/08 20:32:09 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\TwonkyServer
[2010/06/25 08:49:30 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Uniblue
[2013/04/23 11:11:25 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\webex
[2012/11/27 18:28:54 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\XBMC
[2013/01/12 00:45:45 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Xilisoft
[2009/12/09 11:25:06 | 000,000,000 | ---D | M] -- C:\Users\milton\AppData\Roaming\Zeon

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2008/03/17 15:39:42 | 000,142,848 | ---- | M] ()(C:\Users\milton\Documents\???? ???????.doc) -- C:\Users\milton\Documents\טיסה לניאגרה.doc
[2008/03/17 15:38:48 | 000,142,848 | ---- | C] ()(C:\Users\milton\Documents\???? ???????.doc) -- C:\Users\milton\Documents\טיסה לניאגרה.doc
[2008/03/17 15:36:03 | 000,251,082 | ---- | C] ()(C:\Users\milton\Documents\?????? ????.pdf) -- C:\Users\milton\Documents\כרטיסי טיסה.pdf

========== Alternate Data Streams ==========

@Alternate Data Stream - 216952 bytes -> C:\Users\milton\Desktop\David Bar Mitzah 2009_05_03_11_44_30.avi:TOC.WMV
@Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:D4810DBE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:01C66DD9
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:9638A27E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C671BC00

< End of report >
  • 0

#6
tom982

tom982

    Member 1K

  • Member
  • PipPipPipPip
  • 1,183 posts
Hi mbk123,

Thanks for the clarification on those files.

Just follow instructions in the order I post them please :) As for AdwCleaner, when you right click on it and select Run as administrator, it will look something like this

Posted Image

There you will see the aforementioned Delete button, which is the one I would like you to press :)

Also, can you post either of these two logs please:

C:\Users\milton\Downloads\Extras.txt
C:\Users\milton\Desktop\Extras.txt


Tom
  • 0

#7
mbk123

mbk123

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Tom,

ADWCleaner keeps making my machine unresponsive. Have to do either cntrl-alt-del to stop program or force a reset.

Can I run the program in safe mode?
  • 0

#8
tom982

tom982

    Member 1K

  • Member
  • PipPipPipPip
  • 1,183 posts
Hi mbk123,

Yes, that's fine. Try running AdwCleaner in Safe Mode :)

Tom
  • 0

#9
mbk123

mbk123

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Tom,

Here you go.

# AdwCleaner v2.303 - Logfile created 06/10/2013 at 08:15:27
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : milton - FLASH
# Boot Mode : Safe mode with networking
# Running from : C:\Users\milton\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\AVG Secure Search
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\searchplugins\Web Search.xml
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\InfoAtoms
Folder Deleted : C:\Program Files (x86)\Protected Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Users\milton\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\milton\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Folder Deleted : C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\milton\AppData\Local\PackageAware
Folder Deleted : C:\Users\milton\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\milton\AppData\LocalLow\CertifiedToolbar
Folder Deleted : C:\Users\milton\AppData\LocalLow\SimplyTech
Folder Deleted : C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\jetpack

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\CompeteInc
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{103089DA-0F31-4A8B-843F-7D24A7FE8345}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\CertifiedToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1A03F196-9617-4CA0-842B-A83CEECB022B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cfd485f0-96bd-47cd-bb6d-cd7dda95f102}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=39033&bs=true&tid=114&q=%s --> hxxp://www.google.com

-\\ Mozilla Firefox v10.0.2 (en-US)

File : C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=39033&home=true&tid=11[...]
Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=39033&home=true&tid=11[...]
Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=39033&tid=114&bs=true&q=");

File : C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.110

File : C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Chromium v check_default_browser: false

File : C:\Users\milton\AppData\Local\Chromium\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [352 octets] - [09/06/2013 09:01:01]
AdwCleaner[S2].txt - [317 octets] - [09/06/2013 11:14:31]
AdwCleaner[S3].txt - [352 octets] - [09/06/2013 11:16:41]
AdwCleaner[S4].txt - [11918 octets] - [10/06/2013 08:15:27]

########## EOF - C:\AdwCleaner[S4].txt - [11979 octets] ##########
  • 0

#10
mbk123

mbk123

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
and i don't see a file called "extras.txt" on my machine
  • 0

#11
tom982

tom982

    Member 1K

  • Member
  • PipPipPipPip
  • 1,183 posts
Hello mbk123,

AdwCleaner has done a lot of work which is great, hopefully OTL will run now. We can boot back into normal mode now, then try this:

OTL

  • Run OTL by double-clicking on it.
  • Change the following options:

    • Extra Registry > All
  • Click Run Scan to start OTL.
  • When OTL finishes scanning, two logs, OTL.txt and Extras.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

Tom
  • 0

#12
mbk123

mbk123

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Here you go Tom. FYI, malwarebytes doesn't show the issue anymore.


OTL logfile created on: 6/10/2013 2:05:14 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\milton\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.99 Gb Total Physical Memory | 11.28 Gb Available Physical Memory | 70.55% Memory free
63.96 Gb Paging File | 58.99 Gb Available in Paging File | 92.24% Paging File free
Paging file location(s): c:\pagefile.sys 0 0f:\pagefile.sy [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.63 Gb Total Space | 268.27 Gb Free Space | 29.11% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 145.52 Gb Free Space | 31.24% Space Free | Partition Type: NTFS
Drive H: | 465.75 Gb Total Space | 79.62 Gb Free Space | 17.10% Space Free | Partition Type: NTFS
Drive N: | 2048.00 Gb Total Space | 1425.79 Gb Free Space | 69.62% Space Free | Partition Type: NTFS
Drive Q: | 2048.00 Gb Total Space | 1425.79 Gb Free Space | 69.62% Space Free | Partition Type: NTFS
Drive S: | 2048.00 Gb Total Space | 1408.46 Gb Free Space | 68.77% Space Free | Partition Type: NTFS
Drive T: | 2048.00 Gb Total Space | 1408.46 Gb Free Space | 68.77% Space Free | Partition Type: NTFS
Drive Y: | 2048.00 Gb Total Space | 1408.46 Gb Free Space | 68.77% Space Free | Partition Type: NTFS

Computer Name: FLASH | User Name: milton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/08 20:42:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\milton\Desktop\OTL.exe
PRC - [2013/05/24 20:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\milton\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/22 17:46:08 | 001,089,888 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 16:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/04/05 12:59:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/04/05 12:58:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/15 01:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/03/14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/01/28 14:08:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/11/12 19:26:56 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Program Files\CrashPlan\CrashPlanTray.exe
PRC - [2012/10/28 18:06:18 | 000,932,528 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/09/06 06:44:30 | 000,766,792 | ---- | M] () -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
PRC - [2012/09/06 06:44:30 | 000,279,368 | ---- | M] () -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
PRC - [2012/09/06 06:44:28 | 001,131,336 | ---- | M] (PacketVideo) -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
PRC - [2012/08/01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2012/07/18 22:07:06 | 000,310,232 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2011/10/12 23:11:34 | 002,068,856 | ---- | M] (Flexera Software LLC.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2011/10/12 23:11:32 | 001,446,264 | ---- | M] (Flexera Software LLC.) -- C:\ProgramData\FLEXnet\Connect\11\agent.exe
PRC - [2011/09/22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2011/07/11 05:13:26 | 000,786,040 | ---- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit\fitbit.exe
PRC - [2011/06/17 11:01:56 | 000,353,728 | ---- | M] (Cyber Power Systems, Inc.) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
PRC - [2011/05/28 04:22:00 | 001,811,784 | ---- | M] (Actual Tools) -- C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter.exe
PRC - [2011/05/06 12:46:50 | 000,368,128 | ---- | M] () -- C:\Program Files (x86)\Polar\Daemon\polard.exe
PRC - [2011/04/22 17:28:46 | 001,081,344 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
PRC - [2011/04/15 13:14:54 | 005,492,736 | ---- | M] () -- C:\Program Files (x86)\Drobo\Drobo Dashboard\DroboDashboard.exe
PRC - [2011/04/15 13:14:54 | 000,749,568 | ---- | M] (Data Robotics, Inc.) -- C:\Program Files (x86)\Drobo\Drobo Dashboard\Support\DDService.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/01 06:54:46 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
PRC - [2011/02/01 06:54:42 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2011/02/01 06:54:30 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
PRC - [2011/01/19 12:36:30 | 000,077,824 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe
PRC - [2010/09/15 16:01:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
PRC - [2010/06/18 17:02:20 | 001,423,520 | ---- | M] () -- C:\Program Files (x86)\No-IP\DUC30.exe
PRC - [2010/06/10 14:42:44 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/25 09:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2009/09/30 10:07:34 | 000,086,016 | ---- | M] (PFU LIMITED) -- C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
PRC - [2008/12/10 20:33:06 | 000,353,976 | ---- | M] (X1 Technologies, Inc.) -- C:\Program Files (x86)\X1\X1Systray.exe
PRC - [2008/12/10 20:33:04 | 000,370,360 | ---- | M] () -- C:\Program Files (x86)\X1\X1FileMonitor.exe
PRC - [2005/06/08 16:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 15:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Video\FxSvr2.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/10 08:20:25 | 000,557,056 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\pysqlite2._sqlite.pyd
MOD - [2013/06/10 08:20:25 | 000,128,512 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\_elementtree.pyd
MOD - [2013/06/10 08:20:25 | 000,098,816 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32api.pyd
MOD - [2013/06/10 08:20:25 | 000,044,032 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\_socket.pyd
MOD - [2013/06/10 08:20:25 | 000,022,528 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32ts.pyd
MOD - [2013/06/10 08:20:24 | 000,805,888 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\wx._gdi_.pyd
MOD - [2013/06/10 08:20:24 | 000,320,512 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32com.shell.shell.pyd
MOD - [2013/06/10 08:20:24 | 000,070,656 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\wx._html2.pyd
MOD - [2013/06/10 08:20:24 | 000,026,624 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\_multiprocessing.pyd
MOD - [2013/06/10 08:20:24 | 000,011,264 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32crypt.pyd
MOD - [2013/06/10 08:20:23 | 001,022,416 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\windows._cacheinvalidation.pyd
MOD - [2013/06/10 08:20:23 | 000,087,040 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\_ctypes.pyd
MOD - [2013/06/10 08:20:23 | 000,017,408 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32profile.pyd
MOD - [2013/06/10 08:20:22 | 000,735,232 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\wx._misc_.pyd
MOD - [2013/06/10 08:20:22 | 000,364,544 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\pythoncom27.dll
MOD - [2013/06/10 08:20:22 | 000,110,080 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\PyWinTypes27.dll
MOD - [2013/06/10 08:20:21 | 001,175,040 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\wx._core_.pyd
MOD - [2013/06/10 08:20:21 | 000,108,544 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32security.pyd
MOD - [2013/06/10 08:20:20 | 001,153,024 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\_ssl.pyd
MOD - [2013/06/10 08:20:20 | 000,035,840 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32process.pyd
MOD - [2013/06/10 08:20:20 | 000,025,600 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32pdh.pyd
MOD - [2013/06/10 08:20:19 | 000,811,008 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\wx._windows_.pyd
MOD - [2013/06/10 08:20:19 | 000,711,680 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\_hashlib.pyd
MOD - [2013/06/10 08:20:19 | 000,122,368 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\wx._wizard.pyd
MOD - [2013/06/10 08:20:19 | 000,119,808 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32file.pyd
MOD - [2013/06/10 08:20:18 | 001,062,400 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\wx._controls_.pyd
MOD - [2013/06/10 08:20:18 | 000,038,912 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32inet.pyd
MOD - [2013/06/10 08:20:17 | 000,686,080 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\unicodedata.pyd
MOD - [2013/06/10 08:20:17 | 000,127,488 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\pyexpat.pyd
MOD - [2013/06/10 08:20:17 | 000,018,432 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\win32event.pyd
MOD - [2013/06/10 08:20:17 | 000,010,240 | ---- | M] () -- C:\Users\milton\AppData\Local\Temp\_MEI16882\select.pyd
MOD - [2013/05/29 01:27:38 | 000,393,168 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll
MOD - [2013/05/29 01:27:35 | 004,051,408 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/29 01:26:40 | 000,599,504 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\libglesv2.dll
MOD - [2013/05/29 01:26:39 | 000,124,368 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\libegl.dll
MOD - [2013/05/29 01:26:36 | 001,597,392 | ---- | M] () -- C:\Users\milton\AppData\Local\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/05/15 03:12:17 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/15 03:11:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/04/15 10:17:45 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013/04/15 10:12:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/04/15 10:11:08 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/04/15 10:10:40 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/04/15 10:10:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/04/15 10:10:20 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/03/13 16:48:52 | 024,978,944 | ---- | M] () -- C:\Users\milton\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/13 19:32:50 | 003,558,400 | ---- | M] () -- C:\Users\milton\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/10/28 18:06:18 | 000,932,528 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012/09/08 13:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012/09/08 13:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/15 13:14:54 | 005,492,736 | ---- | M] () -- C:\Program Files (x86)\Drobo\Drobo Dashboard\DroboDashboard.exe
MOD - [2011/04/08 13:53:48 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsConfig.dll
MOD - [2011/03/16 15:30:58 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsExtention.dll
MOD - [2010/08/24 16:56:50 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dll
MOD - [2010/06/18 17:02:20 | 001,423,520 | ---- | M] () -- C:\Program Files (x86)\No-IP\DUC30.exe
MOD - [2009/02/27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/12/10 20:33:04 | 000,370,360 | ---- | M] () -- C:\Program Files (x86)\X1\X1FileMonitor.exe
MOD - [2008/11/12 15:32:30 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardPath.dll
MOD - [2003/03/26 18:46:36 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/11/12 19:28:39 | 000,222,720 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/09/22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/07/07 08:49:42 | 000,376,352 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2011/04/11 14:44:46 | 000,171,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/08/17 13:01:44 | 000,099,176 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/07 19:29:34 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/06/07 19:29:27 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/05 20:25:30 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/15 01:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/03/14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/10/10 20:01:47 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/06 06:44:30 | 000,766,792 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe -- (TwonkyProxy)
SRV - [2012/09/06 06:44:30 | 000,279,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe -- (TwonkyWebDav)
SRV - [2012/08/03 16:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2012/07/18 22:07:06 | 000,310,232 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2011/11/10 09:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/08/10 15:35:20 | 000,227,184 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/07/11 05:13:26 | 000,786,040 | ---- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fitbit\fitbit.exe -- (Fitbit)
SRV - [2011/06/17 11:02:10 | 001,000,896 | ---- | M] (Cyber Power Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe -- (ppped)
SRV - [2011/05/06 12:46:50 | 000,368,128 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Polar\Daemon\polard.exe -- (Polar Daemon)
SRV - [2011/04/15 13:14:54 | 000,749,568 | ---- | M] (Data Robotics, Inc.) [Auto | Running] -- C:\Program Files (x86)\Drobo\Drobo Dashboard\Support\DDService.exe -- (DDService)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2011/02/01 06:54:46 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm)
SRV - [2011/02/01 06:54:42 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm)
SRV - [2010/11/08 13:04:18 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/11/05 09:21:46 | 000,221,184 | ---- | M] (Visioneer Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe -- (OneTouch 4.0 Monitor)
SRV - [2010/09/15 16:01:20 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe -- (BRA_Scheduler)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/25 09:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/09/09 17:31:34 | 000,090,296 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files (x86)\CA\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2009/08/27 19:21:32 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2009/08/24 21:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\DfSdkS.exe -- (DfSdkS)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/04/18 02:00:00 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE -- (EPSON_PM_RPCV4_01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/07 19:29:27 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/05/20 16:53:28 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/05 20:14:02 | 000,276,256 | ---- | M] (Digiarty Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DigiartyVirtualCDBus.sys -- (DigiartyVirtualCDBus)
DRV:64bit: - [2013/02/22 07:32:08 | 000,160,256 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/02 16:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/11/01 22:52:50 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/01 20:03:58 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/08/19 11:01:33 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2011/08/09 15:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011/08/04 10:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011/08/04 10:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011/08/04 10:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011/08/04 10:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011/07/07 08:34:08 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2011/05/04 17:20:32 | 000,340,656 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2011/04/30 04:34:56 | 000,016,384 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiUSBXp.sys -- (SIUSBXP)
DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/04/04 14:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/03/31 14:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2010/12/16 18:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/20 15:13:28 | 000,034,840 | ---- | M] (Colasoft Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSN5PDTS82x64.sys -- (CSN5PDTS82x64)
DRV:64bit: - [2010/04/11 18:24:08 | 000,014,976 | ---- | M] (MaxiVista) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mvCmdemo.SYS -- (mvCmdemo)
DRV:64bit: - [2010/04/11 18:24:06 | 000,013,440 | ---- | M] (MaxiVista) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mvvideodemo.sys -- (mvvideodemo)
DRV:64bit: - [2010/04/07 12:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2010/04/01 14:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/02/24 14:12:34 | 000,028,528 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2009/10/21 03:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/08/09 17:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/08/07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\WNt500x64\sandra.sys -- (SANDRA)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/08 11:56:26 | 000,053,632 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motodrv.sys -- (MotDev)
DRV:64bit: - [2009/01/29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008/08/11 13:40:58 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2008/08/11 13:40:32 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2008/02/13 17:20:16 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Amusbx64.sys -- (Amusbprt)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2007/10/15 12:37:22 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Amfltx64.sys -- (Amfilter)
DRV:64bit: - [2007/04/19 08:55:50 | 000,029,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2007/04/19 08:55:50 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2007/04/19 08:55:50 | 000,016,896 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007/02/03 10:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/02/03 10:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64)
DRV - [2013/05/27 19:29:36 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2011/08/19 11:01:33 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/12/18 11:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/10/26 12:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.powerspec.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{3CC7BB73-B52A-4E2B-98F9-599C5ECF6A09}: "URL" = http://www.google.co...1I7GZAZ_enUS352
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: false
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@EDVR/WebClient: C:\windows\system32\WebClient\npwebclient.dll (Google)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\milton\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\nuance.com/DragonRIAPlugin: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\milton\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\milton\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\milton\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\milton\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\milton\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\milton\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\milton\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\plugin\FFExtensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2012/09/19 07:45:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012/07/18 21:54:16 | 000,136,026 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/30 11:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/18 18:43:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/11/30 11:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/02/09 12:56:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\milton\AppData\Roaming\Move Networks [2013/02/16 05:45:35 | 000,000,000 | ---D | M]

[2012/03/12 08:42:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Extensions
[2013/06/08 20:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions
[2013/06/08 20:29:29 | 000,000,000 | ---D | M] (GetSavin) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\[email protected]
[2013/04/23 09:35:26 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\03dashh7.default\extensions\[email protected]
[2013/06/08 20:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions
[2009/10/24 15:56:12 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions\[email protected]
[2013/04/23 09:35:27 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\milton\AppData\Roaming\Mozilla\Firefox\Profiles\asdfox9z.default\extensions\[email protected]
[2013/04/10 14:42:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/06/08 20:28:19 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/02/16 10:40:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npyaxmpb.dll
[2012/02/16 06:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/16 06:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - Extension: Gadget Runner = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbfiejepbnaphfnbaakjibbbechdhhf\1.3_0\
CHR - Extension: Google Drive = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Bookmark Sentry = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga\1.7.13_0\
CHR - Extension: YouTube = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Honey = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj\2.0.2.4_0\
CHR - Extension: Google Search = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: Facebook Ads Blocker = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\eommhojjeeaapcofdjleiamnokcfdnna\1.1.0_0\
CHR - Extension: Facebook for Chrome = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\6.2.5_0\
CHR - Extension: Stopwatch = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh\3.6_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: TweetDeck = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.0.0_0\
CHR - Extension: LastPass = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.25_0\
CHR - Extension: SuperSorter = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij\0.4.3_0\
CHR - Extension: Any.DO = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem\1.0.3.3_0\
CHR - Extension: Google Mail Checker = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Dragon NaturallySpeaking Rich Internet Application Support = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn\1.0_0\
CHR - Extension: Print = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiefodmmloajakmcfnpnjpkldellhlj\1.1_0\
CHR - Extension: Popup my Bookmarks = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppflflkbbafeopeoeigkbbdjdbeifni\1.6.0.206_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Open Bookmark Manager = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalceheiomajabalbakkoeiheiokhdbd\1.3_0\
CHR - Extension: imo messenger = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi\1.4.1_0\
CHR - Extension: Picasa = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Evernote Web Clipper = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.9.15_1\
CHR - Extension: Gmail = C:\Users\milton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Dragon NaturallySpeaking Rich Internet Application Support - Extension) - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieshim.dll (Nuance Communications, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files (x86)\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software LLC.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files (x86)\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files (x86)\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [OneTouch Monitor] C:\Program Files (x86)\Visioneer OneTouch\OneTouchMon.exe (Visioneer Inc)
O4 - HKLM..\Run: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe (Cyber Power Systems, Inc.)
O4 - HKLM..\Run: [ScanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe (PFU LIMITED)
O4 - HKLM..\Run: [VERIZONDM] C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [Actual Window Manager] C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter.exe (Actual Tools)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\milton\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Flexera Software LLC.)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files (x86)\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [X1FileMonitor.exe] C:\Program Files (x86)\X1\X1FileMonitor.exe ()
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\milton\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\No-IP DUC.lnk = C:\Program Files (x86)\No-IP\DUC30.exe ()
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twonky 7.1.lnk = C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
O4 - Startup: C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\X1 System Tray.lnk = C:\Program Files (x86)\X1\X1Systray.exe (X1 Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: LastPass - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\milton\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcp...ls/pctuneup.cab (VersionControl Class)
O16 - DPF: {12193C65-F0E1-4DD1-AD4E-DB73C6911011} file:///D:/activeX/DCP.cab (DCPForm Control 1.0.1.1)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanne...yerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {1DC4A509-9C17-4538-B5AA-DB0BA27ED400} http://kkom.cable-mo...in/WebViewS.cab (Hybrid WebView)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7191F0AC-D686-46A8-BFCC-EA61778C74DD} file:///D:/activeX/aplugLiteDL.cab (Gif89 Lite +Audio Class)
O16 - DPF: {7451D317-862C-45DA-8C28-1B21ADF95877} http://kkom.cable-mo...rg/WebViewS.cab (Hybrid WebView)
O16 - DPF: {7FA319FB-FFB9-4089-87EB-63179244E6E6} https://ssl.verizonb...e/NetDirect.cab (NetDirect)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8BE5651C-D60B-4B59-B5B2-F0EB93733D17} https://www36.verizo...VoiceVMUtil.CAB (IOBIVMUtil.VMDecoder)
O16 - DPF: {9B479D7B-916A-45B0-B042-D42865A60E21} http://gessingirls.d....org/DvrOcx.cab (DvrOcx Control)
O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} http://kkom.cable-mo...0/WebClient.exe (WebClient Control)
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} http://utilities.pcp...ols/pcmatic.cab (PCMaticVer Class)
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} http://gold.cable-mo...hecker_8300.cab (OCXDownloadChecker Control)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DCBF889B-422B-4AA0-9914-D5045A103758} http://kkom.cable-modem.org/WebRPB.cab (WebRPB Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: {FEC048AB-277A-460C-BF50-1A4193AEF148} http://gold.cable-mo...Center_8300.cab (DownloadCenter Control)
O16 - DPF: vzTCPConfig http://my.verizon.co...vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12C640E8-6904-4A58-B005-807F1CF6E075}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/milton/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{359e67f0-a307-11df-8bb8-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{359e67f0-a307-11df-8bb8-001cc0f1a963}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{6dcbbcdb-d783-11df-b51b-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{6dcbbcdb-d783-11df-b51b-001cc0f1a963}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{87222e2a-f1e8-11e0-9a2d-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{87222e2a-f1e8-11e0-9a2d-001cc0f1a963}\Shell\AutoRun\command - "" = O:\setup.exe -a
O33 - MountPoints2\{d6fb706d-533f-11e1-b6eb-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{d6fb706d-533f-11e1-b6eb-001cc0f1a963}\Shell\AutoRun\command - "" = O:\MotoCastSetup.exe -a
O33 - MountPoints2\{e21743c0-7c57-11e1-ad8a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e21743c0-7c57-11e1-ad8a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{ed211dfc-1375-11e2-8391-001cc0f1a963}\Shell - "" = AutoRun
O33 - MountPoints2\{ed211dfc-1375-11e2-8391-001cc0f1a963}\Shell\AutoRun\command - "" = M:\MotoCastSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/10 12:28:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2013/06/08 20:42:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\milton\Desktop\OTL.exe
[2013/06/08 20:21:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/03 20:44:35 | 000,000,000 | ---D | C] -- C:\Users\milton\AppData\Local\{29C8938C-21C7-4F57-ACF6-910B535CEC77}
[2013/05/31 22:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\[email protected] KillDisk
[2013/05/26 03:01:28 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/05/26 03:01:27 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/05/26 03:01:26 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/05/26 03:01:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/05/26 03:01:25 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/05/26 03:01:24 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/05/26 03:01:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/05/26 03:01:24 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/05/26 03:01:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/05/26 03:01:24 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/05/26 03:01:24 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/05/26 03:01:23 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/05/26 03:01:17 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/05/26 03:01:17 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/05/26 03:01:15 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/05/25 16:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2013/05/25 03:09:17 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/05/25 03:09:15 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/05/25 03:09:15 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/05/25 03:09:15 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/05/25 03:09:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/05/25 03:09:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/05/25 03:09:15 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/05/25 03:09:15 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/05/25 03:09:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/05/25 03:09:11 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/05/25 03:09:11 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/05/25 03:09:11 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/05/25 03:09:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/05/25 03:09:11 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/05/25 03:09:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/05/25 03:09:10 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/05/25 03:09:10 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/05/25 03:09:10 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/05/25 03:09:10 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/05/25 03:09:10 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/05/25 03:09:10 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/05/25 03:09:10 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/05/25 03:09:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/05/25 03:09:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/05/25 03:09:10 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/05/25 03:09:07 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/05/25 03:09:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/05/25 03:09:06 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/05/25 03:09:06 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/05/25 03:09:06 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/05/25 03:09:06 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/05/25 03:09:06 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/05/25 03:09:06 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/05/25 03:09:06 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/05/25 03:09:05 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/05/25 03:09:04 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/05/25 03:09:04 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/05/25 03:09:04 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/05/25 03:09:04 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/05/25 03:09:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/05/25 03:09:04 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/05/25 03:09:04 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/05/25 03:09:04 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/05/25 03:09:04 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/05/25 03:09:04 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/05/25 03:09:04 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/05/25 03:09:04 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/05/25 03:09:04 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/05/25 03:09:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/05/25 03:09:04 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/05/25 03:09:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/05/25 03:09:04 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/05/25 03:09:03 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/05/14 22:52:28 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/05/14 22:52:28 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/05/14 22:52:19 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/05/14 22:52:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/05/14 22:52:17 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/05/14 22:52:16 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/05/14 22:52:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013/05/11 20:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 12.0
[2013/05/11 20:20:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IVA
[2013/05/11 20:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nuance
[2013/05/11 20:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2013/05/11 19:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\Newshosting
[2013/05/11 19:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Newshosting
[2013/04/23 09:35:25 | 014,880,256 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2003/06/06 05:42:33 | 004,499,612 | ---- | C] (Canon Inc. ) -- C:\Users\milton\setup.exe
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Users\milton\Documents\*.tmp files -> C:\Users\milton\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2099/01/01 12:00:00 | 354,713,599 | ---- | M] () -- C:\Users\milton\Desktop\babelfish-rosettaa.iso
[2013/06/10 13:58:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001UA.job
[2013/06/10 13:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/10 13:29:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/10 12:46:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001UA.job
[2013/06/10 09:46:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001Core.job
[2013/06/10 08:33:10 | 000,000,000 | ---- | M] () -- C:\Users\milton\AppData\Local\prvlcl.dat
[2013/06/10 08:32:06 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/10 08:32:05 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/10 08:24:29 | 000,009,484 | ---- | M] () -- C:\Windows\SysNative\.rsp
[2013/06/10 08:24:29 | 000,001,562 | ---- | M] () -- C:\Windows\SysNative\.lck
[2013/06/10 08:18:31 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/06/10 08:18:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/10 08:17:56 | 4287,385,598 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/08 23:58:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1524038231-768707829-3631476965-1001Core.job
[2013/06/08 20:44:47 | 000,648,201 | ---- | M] () -- C:\Users\milton\Desktop\adwcleaner.exe
[2013/06/08 20:42:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\milton\Desktop\OTL.exe
[2013/06/08 20:38:39 | 000,001,047 | ---- | M] () -- C:\Users\milton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/06/08 20:37:47 | 000,001,017 | ---- | M] () -- C:\Users\milton\Desktop\Dropbox.lnk
[2013/06/08 20:21:27 | 000,001,024 | ---- | M] () -- C:\Windows\BRCALIB.INI
[2013/06/08 13:19:18 | 000,000,135 | ---- | M] () -- C:\Windows\multiview.ini
[2013/06/07 19:29:27 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013/06/07 19:29:27 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013/06/07 19:29:27 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2013/06/03 20:44:29 | 000,783,394 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/03 20:44:29 | 000,663,238 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/03 20:44:29 | 000,122,106 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/01 11:45:52 | 011,862,016 | ---- | M] () -- C:\ProgramData\sandra.mda
[2013/05/27 19:29:24 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll.001.bak
[2013/05/27 19:29:23 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll.000.bak
[2013/05/25 03:09:17 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/05/25 03:09:15 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/05/25 03:09:15 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/05/25 03:09:15 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/05/25 03:09:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/05/25 03:09:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/05/25 03:09:15 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/05/25 03:09:15 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/05/25 03:09:15 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/05/25 03:09:11 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/05/25 03:09:11 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/05/25 03:09:11 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/05/25 03:09:11 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/05/25 03:09:11 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/05/25 03:09:11 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/05/25 03:09:10 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/05/25 03:09:10 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/05/25 03:09:10 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/05/25 03:09:10 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/05/25 03:09:10 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/05/25 03:09:10 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/05/25 03:09:10 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/05/25 03:09:10 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/05/25 03:09:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/05/25 03:09:10 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/05/25 03:09:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/05/25 03:09:07 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/05/25 03:09:07 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/05/25 03:09:06 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/05/25 03:09:06 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/05/25 03:09:06 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/05/25 03:09:06 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/05/25 03:09:06 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/05/25 03:09:06 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/05/25 03:09:06 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/05/25 03:09:06 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/05/25 03:09:05 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/05/25 03:09:04 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/05/25 03:09:04 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/05/25 03:09:04 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/05/25 03:09:04 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/05/25 03:09:04 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/05/25 03:09:04 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/05/25 03:09:04 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/05/25 03:09:04 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/05/25 03:09:04 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/05/25 03:09:04 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/05/25 03:09:04 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/05/25 03:09:04 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/05/25 03:09:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/05/25 03:09:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/05/25 03:09:04 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/05/25 03:09:04 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/05/25 03:09:04 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/05/25 03:09:03 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/05/20 16:53:28 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/05/15 04:52:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/15 04:51:59 | 000,420,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/12 21:21:06 | 000,003,675 | ---- | M] () -- C:\Users\milton\AppData\Roaming\SAS7_000.DAT
[2013/05/11 20:21:11 | 000,002,871 | ---- | M] () -- C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.0.lnk
[2013/05/11 19:42:11 | 000,001,921 | ---- | M] () -- C:\Users\Public\Desktop\Newshosting Downloads.lnk
[2013/05/11 19:42:11 | 000,000,974 | ---- | M] () -- C:\Users\Public\Desktop\Newshosting.lnk
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Users\milton\Documents\*.tmp files -> C:\Users\milton\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/08 20:44:47 | 000,648,201 | ---- | C] () -- C:\Users\milton\Desktop\adwcleaner.exe
[2013/06/03 08:07:36 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/05/25 03:09:10 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/05/25 03:09:06 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/05/12 21:21:06 | 000,003,675 | ---- | C] () -- C:\Users\milton\AppData\Roaming\SAS7_000.DAT
[2013/05/11 20:21:11 | 000,002,871 | ---- | C] () -- C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.0.lnk
[2013/05/11 19:42:11 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\Newshosting Downloads.lnk
[2013/05/11 19:42:11 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\Newshosting.lnk
[2013/03/31 15:48:10 | 000,000,182 | ---- | C] () -- C:\Users\milton\.packettracer
[2013/01/17 18:42:31 | 000,000,080 | ---- | C] () -- C:\Windows\SysWow64\BRDH4150CDN.DAT
[2013/01/17 16:18:28 | 000,001,024 | ---- | C] () -- C:\Windows\BRCALIB.INI
[2012/11/26 18:37:35 | 000,000,000 | ---- | C] () -- C:\Users\milton\AppData\Local\prvlcl.dat
[2012/03/15 17:35:26 | 000,000,161 | ---- | C] () -- C:\Windows\DISPARAM.INI
[2012/02/14 11:07:54 | 000,000,022 | ---- | C] () -- C:\Windows\BMUpdate.ini
[2011/09/29 12:27:23 | 000,013,030 | ---- | C] () -- C:\ProgramData\PDOXUSRS.NET
[2011/09/15 10:40:12 | 000,000,106 | ---- | C] () -- C:\Windows\VaultMediaClient.INI
[2011/08/11 22:56:39 | 000,000,660 | ---- | C] () -- C:\Windows\SysWow64\sys32dlkb.dll
[2011/08/04 13:46:54 | 000,110,456 | ---- | C] () -- C:\Users\milton\g2ax_customer_downloadhelper_win32_x86.exe
[2011/07/27 16:49:10 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/06/27 16:23:20 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/03/28 14:28:44 | 000,213,187 | ---- | C] () -- C:\Users\milton\AppData\Roaming\MMUpgrade.jpg
[2011/01/15 16:16:22 | 000,112,640 | ---- | C] () -- C:\Users\milton\AppData\Roaming\chrtmp
[2011/01/11 19:55:23 | 000,060,928 | ---- | C] () -- C:\Users\milton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/26 17:36:54 | 000,000,197 | ---- | C] () -- C:\Users\milton\RmUserCfg.ini
[2010/07/30 11:28:50 | 000,000,026 | ---- | C] () -- C:\Users\milton\AppData\Local\boot.dat
[2010/06/21 09:12:33 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010/04/14 07:14:26 | 000,000,218 | ---- | C] () -- C:\Users\milton\.recently-used.xbel
[2010/02/01 12:06:28 | 000,000,355 | ---- | C] () -- C:\Users\milton\Computer - Shortcut.lnk
[2009/11/17 11:42:24 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009/11/16 18:11:17 | 000,007,643 | ---- | C] () -- C:\Users\milton\AppData\Local\resmon.resmoncfg
[2009/11/05 23:47:40 | 000,000,980 | ---- | C] () -- C:\Users\milton\AppData\Local\7F68A003.il
[2009/11/05 23:47:40 | 000,000,448 | ---- | C] () -- C:\Users\milton\AppData\Local\IndexIE_7F68A003.il
[2009/10/25 13:21:54 | 011,862,016 | ---- | C] () -- C:\ProgramData\sandra.mda
[2009/06/19 07:53:35 | 000,000,581 | ---- | C] () -- C:\Users\milton\.hawkscope.properties
[2009/04/28 12:37:29 | 000,031,202 | ---- | C] () -- C:\Users\milton\parenting.jpg
[2008/12/09 18:11:59 | 000,031,364 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD2-SAPHiRE.srt
[2008/12/09 18:11:59 | 000,000,419 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD2-SAPHiRE.srt.style
[2008/12/09 18:11:21 | 000,045,152 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD1-SAPHiRE.srt
[2008/12/09 18:11:21 | 000,000,419 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD1-SAPHiRE.srt.style
[2008/12/09 18:02:31 | 731,879,424 | ---- | C] () -- C:\Users\milton\Shaolin.Soccer.2001.Extended.DVDRip.XviD.CD1-SAPHiRE.avi
[2008/05/20 08:07:55 | 000,000,256 | ---- | C] () -- C:\Users\milton\pool.bin
[2008/04/24 09:08:28 | 000,103,784 | ---- | C] () -- C:\Users\milton\GoToAssistDownloadHelper.exe
[2007/08/24 13:18:08 | 000,000,124 | ---- | C] () -- C:\Users\milton\default.pls
[2003/06/06 05:42:34 | 000,152,064 | ---- | C] () -- C:\Users\milton\1031.mst
[2003/06/06 05:42:34 | 000,125,952 | ---- | C] () -- C:\Users\milton\1033.mst
[2003/06/06 05:42:33 | 025,509,672 | ---- | C] () -- C:\Users\milton\Data1.cab
[2003/06/06 05:42:33 | 003,126,272 | ---- | C] () -- C:\Users\milton\DV Network Software.msi
[2003/06/06 05:42:33 | 000,160,768 | ---- | C] () -- C:\Users\milton\1040.mst
[2003/06/06 05:42:33 | 000,160,256 | ---- | C] () -- C:\Users\milton\1034.mst
[2003/06/06 05:42:33 | 000,158,208 | ---- | C] () -- C:\Users\milton\1036.mst

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 216952 bytes -> C:\Users\milton\Desktop\David Bar Mitzah 2009_05_03_11_44_30.avi:TOC.WMV
@Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:D4810DBE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:01C66DD9
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:9638A27E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C671BC00

< End of report >


********************************

OTL Extras logfile created on: 6/10/2013 2:05:14 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\milton\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.99 Gb Total Physical Memory | 11.28 Gb Available Physical Memory | 70.55% Memory free
63.96 Gb Paging File | 58.99 Gb Available in Paging File | 92.24% Paging File free
Paging file location(s): c:\pagefile.sys 0 0f:\pagefile.sy [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.63 Gb Total Space | 268.27 Gb Free Space | 29.11% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 145.52 Gb Free Space | 31.24% Space Free | Partition Type: NTFS
Drive H: | 465.75 Gb Total Space | 79.62 Gb Free Space | 17.10% Space Free | Partition Type: NTFS
Drive N: | 2048.00 Gb Total Space | 1425.79 Gb Free Space | 69.62% Space Free | Partition Type: NTFS
Drive Q: | 2048.00 Gb Total Space | 1425.79 Gb Free Space | 69.62% Space Free | Partition Type: NTFS
Drive S: | 2048.00 Gb Total Space | 1408.46 Gb Free Space | 68.77% Space Free | Partition Type: NTFS
Drive T: | 2048.00 Gb Total Space | 1408.46 Gb Free Space | 68.77% Space Free | Partition Type: NTFS
Drive Y: | 2048.00 Gb Total Space | 1408.46 Gb Free Space | 68.77% Space Free | Partition Type: NTFS

Computer Name: FLASH | User Name: milton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 14.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeQV14.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 14.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeQV14.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11FF188A-271C-42F2-929A-4CFDE21FECFB}" = lport=6151 | protocol=6 | dir=in | name=maxivista server |
"{12B1CEC8-433A-4AF4-A205-F31F902051A4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{166F6800-B82F-4E40-9BF4-DFBD4211A962}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{18B1452D-33C5-4F08-A9B5-7C3B024316C2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1BE967D2-8BC7-467F-970A-E81471415BC0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{21707B18-DA0D-459E-9598-72C08CA536F4}" = lport=139 | protocol=6 | dir=in | app=system |
"{22565267-D50A-4D99-A610-E9B7B5261C75}" = rport=137 | protocol=17 | dir=out | app=system |
"{2922DDCF-291D-4176-B15A-024266E0C002}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{2E9B08DB-CEC3-427A-A2E3-3752331EA454}" = rport=445 | protocol=6 | dir=out | app=system |
"{319FA57F-FF6D-4ADC-BFE3-9C0E219BE0EA}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
"{3EF392E4-B3C0-4C56-B015-5951E7092F36}" = lport=2869 | protocol=6 | dir=in | app=system |
"{434D2511-0C08-4E66-9A78-ECDF0DFC857D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{562AD396-1F86-4761-82CB-E739AE3C5B4B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{61CF7C98-2A4A-4550-8207-DE2C0FE4A84F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{68D28DC2-1F7C-4C87-ADC9-E95A8BDC3AFF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{693524D8-7342-4513-B2BF-A4980514D876}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FBECFEF-2723-431A-9CF1-C8FA98D57264}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{72A178B9-F66A-4224-A230-4A9457C403CA}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
"{73942A0A-2B72-44FA-B863-BA527691E6A9}" = lport=138 | protocol=17 | dir=in | app=system |
"{771D2A13-5A3A-4DDA-87A9-625CAD1C9D27}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{83819D9B-968C-486B-9DB3-307E2544CEEF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8FEE3BF5-ABF1-45A5-AC8A-1590925C7AA8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{95459EC3-942A-45A9-986D-93C82CD7A657}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9608263E-D43B-48A0-9571-465398D670A0}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{9B34D3E0-36C6-4E25-9BED-86D378CF008D}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{9B759ED9-DCE6-422A-98A9-4DA19EC489E1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A02C2C86-0E90-460C-8E28-5663B3FE9365}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA45E445-B2BC-4141-9727-DAB09AB38851}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\wnt500x64\rpcsandrasrv.exe |
"{AE939ABC-40E4-4A1C-9A72-A739FFAB2D22}" = lport=137 | protocol=17 | dir=in | app=system |
"{B25AB5FC-7575-4685-9785-E59466276312}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B51EBF06-8FB6-433B-8D32-D2C11BD1A744}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C8F7FE5E-DDAA-4B8C-A5CA-483E8B90F56A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CD6EB85B-334C-4B0B-AF6F-C8C5562B474F}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\rpcagentsrv.exe |
"{D48ED87A-0622-48AD-A714-C36F206464E8}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\wnt500x64\rpcsandrasrv.exe |
"{D6267D13-86BD-4CCA-BFE4-B40335AD04A7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{DEBDEF0A-98BF-41B4-89B6-59DF0CB7FE5B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{E610D87C-DAB5-48D2-8137-BE3F2497C31A}" = rport=138 | protocol=17 | dir=out | app=system |
"{E9602601-83F2-4291-A047-826336D3EDCD}" = lport=6951 | protocol=6 | dir=in | name=maxivista clipboard synchronisation |
"{EEF49099-8DFB-42EC-9B05-89C0EA01BD63}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{F451CE68-FEED-40DA-A133-2E69DC80BCC0}" = lport=445 | protocol=6 | dir=in | app=system |
"{F4998234-CEAC-4C2E-8AF1-2894860CCBE5}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\wnt500x64\rpcsandrasrv.exe |
"{F7AD4783-9CA3-45AD-99F5-E4BE468AC123}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F8AF3F4B-9931-4A58-84CF-E291F7CDC919}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015A5FBE-E58A-46F9-82BA-8B6C83777562}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{05BA03D0-AA51-4D1B-A400-B6821A2A693B}" = protocol=6 | dir=in | app=c:\remote viewlog\vlsvr.exe |
"{05CF3CA9-DFE9-4155-9DCC-D6B281FF19AA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{07D4C39B-04DF-4B01-A1B0-6B83130132D1}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{15BE8AF5-D528-46E7-B94C-D778B97E2B46}" = protocol=1 | dir=in | [email protected],-28543 |
"{174A841E-272C-4279-8BCC-89E58123AABB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{17E2CC95-2ED8-4AAD-822A-1861F1872E47}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{197C1390-4993-4728-9561-A1C55A318BBF}" = protocol=6 | dir=in | app=c:\users\milton\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{1C370989-11AF-4D86-B16B-11DFEC1B02D1}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{1D33FDCC-A7C4-46CB-91DB-CA5969F13F62}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{20ED130B-D7A7-45C9-851A-44A9FB259BE4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{23679BF6-4592-4656-B514-37780350D64F}" = protocol=6 | dir=in | app=c:\users\milton\appdata\roaming\dropbox\bin\dropbox.exe |
"{23C6EF2E-194A-4108-944E-CF2F6D6E9FD8}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{29E864B0-D0EA-45DE-9D20-9D6EDE111054}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{3025FBF1-6AFE-494C-93D4-7CB2039F257C}" = protocol=6 | dir=in | app=c:\program files (x86)\drobo\drobo dashboard\drobodashboard.exe |
"{30CD4E46-908A-4CC8-A723-A00F34B4E764}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{3365F765-7A12-490F-AE50-A3F46EDCAF38}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{3407F535-E386-4ECB-AD33-5357441AF097}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{36521024-93A1-4631-ACC3-1EA3E08E5CF1}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{3A6AD854-7C25-4F66-B9CA-E1DA2CD92F66}" = protocol=17 | dir=in | app=c:\program files (x86)\gabilan, inc\gabby roku media server\gabby.native.exe |
"{3BE94560-9B08-4ED3-ADB0-04B1D7F035D1}" = protocol=58 | dir=in | [email protected],-28545 |
"{42AAC6B2-3692-47DD-9F24-10C4C28D2915}" = protocol=58 | dir=out | [email protected],-28546 |
"{42D3B659-5212-4D9B-9479-17A487E6159E}" = protocol=17 | dir=in | app=c:\users\milton\appdata\roaming\dropbox\bin\dropbox.exe |
"{42DDBAE4-3306-4400-A0DC-1704574BEB44}" = protocol=17 | dir=in | app=c:\users\milton\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{44AB048C-16C5-465C-9FE0-114F8CADB516}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{452AD336-4090-4050-83AD-C716A5D08419}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{486F54D1-0951-42F5-8547-DE331149E5C7}" = protocol=17 | dir=in | app=c:\remote viewlog\vlsvr.exe |
"{4903EA89-CFC5-41A1-861E-733E583EEAEB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{490BEC35-4140-4E59-BB99-9611E1F8309F}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\rpcagentsrv.exe |
"{4EE664A3-8FD2-4E4B-953E-EEF182897154}" = protocol=6 | dir=in | app=c:\program files (x86)\dmmultiview\multiview.exe |
"{6BF9521F-A04C-43F9-A3BA-D831B26467F0}" = protocol=17 | dir=in | app=c:\program files (x86)\dmmultiview\multiview.exe |
"{718F244C-443C-4DAE-B346-3B4BDA2DAE99}" = dir=in | app=c:\users\milton\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{7385D7BA-A12D-4FC6-879A-758D4CDEB615}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{7638FE7F-BAD0-4534-BFA2-41CA07A12D3C}" = protocol=17 | dir=in | app=c:\users\milton\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{76B3FB2C-7D41-4C89-9AD0-666B3351C74D}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{770DEC2C-5CF5-4603-B098-024A986E68F8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{7A91CA48-8F4F-4AF8-A049-1FF70E948B31}" = protocol=6 | dir=in | app=c:\program files (x86)\gabilan, inc\gabby roku media server\gabby.native.exe |
"{7E7A2D4C-09B6-456E-8C6E-67BA42AD4DE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8DFB07B1-7997-4CE8-B933-8E39BE4DA892}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{91D684C1-C7E7-4E87-943C-7382FEAD5B05}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{929E7C9C-8443-49A3-99D6-ABA0B23E4878}" = protocol=6 | dir=in | app=c:\users\milton\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{92AD763B-A9EA-4194-BDEE-51D56B0F0D9F}" = protocol=6 | dir=in | app=c:\program files (x86)\dmmultiview\multiview.exe |
"{96199EDA-FD9E-422E-B371-62DFC331F8EC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{975729DB-917B-4D68-889B-C0FA30D110A0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{97857486-6472-4DAF-A587-6D3140717D48}" = protocol=6 | dir=out | app=system |
"{9EB78ACE-4F74-483E-AEC6-94A28DE8D497}" = protocol=17 | dir=in | app=c:\program files (x86)\drobo\drobo dashboard\ddservice.exe |
"{9F4968DA-731F-41AA-8433-AF0D8F6187A0}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{A0729D70-43EA-4D60-8A0D-DEF863951138}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{A125AF01-C094-46BA-AFFF-3EEFF3621204}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{A16EB7A1-3D5E-425B-9225-F121A2E44688}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A66DBE18-8F48-4114-BDD3-992083AF92C8}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A7EC6D8B-D8F1-4645-B739-651AC23D9C51}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{AB35484A-DA53-4528-BC5F-4E4C6103C16E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{ADB9A7CA-028C-450B-8FD1-1C6BB78CBEE9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{B0F03D00-FC4D-4E3E-B12B-650F3936E275}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{B362192F-ABA1-42AF-A972-A2097E6DA7DA}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\wnt500x64\rpcsandrasrv.exe |
"{B3A9848A-555C-48D9-A32D-56B01FF6A064}" = protocol=6 | dir=in | app=c:\program files (x86)\drobo\drobo dashboard\ddservice.exe |
"{B56660A8-7B69-44F2-9157-E5F9B06E2F4C}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{BAB6B706-5043-4FE2-8D36-4CA48E717A90}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{BE5598DB-39DA-4E32-9E3C-8AD30B531210}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BFCD2F81-2E1C-46FC-98ED-263942DB64C9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C1A09E6B-76F8-4972-8545-F6A229F61B1A}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{C3AEAC92-8F05-47CE-8CEC-4CFE67C09715}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\wnt500x64\rpcsandrasrv.exe |
"{C56574D7-8F60-4BF5-9D81-6824C9418EAD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C66A8D1A-6E71-4BCB-B2D6-CC818D0FC3F1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C70A13A3-136E-467E-9E8A-251E512DDC24}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C7425F77-A99C-467A-99F0-283659C6C00B}" = protocol=17 | dir=in | app=c:\program files (x86)\drobo\drobo dashboard\support\ddservice.exe |
"{CD420A59-7AF4-4232-B6F2-363B8CD1BF00}" = protocol=6 | dir=in | app=c:\program files (x86)\drobo\drobo dashboard\support\ddservice.exe |
"{CDF41E62-6921-4FD7-8703-6107DE313BF9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D256D0FA-5127-4CEC-8F62-59A8D07068E7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{D2F53569-ADEC-40D0-98D4-08EA64C83278}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D5E9CE23-258A-43A1-B832-7A55DC1B3585}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D79D9131-F623-4A69-A9A6-A61101F7E3A9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DE2B1DD5-BB54-437A-AC83-BF82011527EE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{E01D7B62-9B24-4B3A-8128-F9249A328A04}" = protocol=1 | dir=out | [email protected],-28544 |
"{E2EDBEDA-D893-4564-B950-F3D4CDF6E236}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E6F8FA91-DAE6-4211-ACE4-C9581548C1E1}" = protocol=17 | dir=in | app=c:\users\milton\appdata\roaming\mjusbsp\magicjack.exe |
"{E79C4A16-90F0-4BA6-A785-50FBF7831755}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{E8D6587A-F1C6-4921-AF31-B81CBFE5C6E6}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{EAB9DE57-4D38-438E-9ECE-E8770EF7316F}" = protocol=17 | dir=in | app=c:\program files (x86)\drobo\drobo dashboard\drobodashboard.exe |
"{EDC56062-FE5D-4DC0-8834-C36900DE70D3}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{F28F6B0B-D2FF-4DA2-8261-C3FA112510DD}" = protocol=17 | dir=in | app=c:\program files (x86)\dmmultiview\multiview.exe |
"{F8553B95-5972-4923-9B38-688632433E1E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F96D8108-B300-4AAC-BF96-0813F5485427}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\wnt500x64\rpcsandrasrv.exe |
"{F9DAC4D3-E21E-4805-87F7-5168453E4246}" = protocol=6 | dir=in | app=c:\users\milton\appdata\roaming\mjusbsp\magicjack.exe |
"{FE198943-5D95-4401-BD74-0597B9AA7864}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{FF3168FE-4AE8-4077-A2B7-27D734670D35}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{16BD0167-3798-4BF0-8D35-7E22DA282228}C:\program files (x86)\my bar-bat mitzvah companion\rteng7.exe" = protocol=6 | dir=in | app=c:\program files (x86)\my bar-bat mitzvah companion\rteng7.exe |
"TCP Query User{1728180D-553D-41DC-8276-2D7253E5CD11}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{1FB177EB-4196-4F92-A5BA-2E51B05168A0}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{3A1DA26D-29C0-428F-8A4C-DFE42B57713C}C:\users\milton\appdata\local\temp\ixp000.tmp\smpcsetup.exe" = protocol=6 | dir=in | app=c:\users\milton\appdata\local\temp\ixp000.tmp\smpcsetup.exe |
"TCP Query User{487AF85E-1220-4220-B2BD-8F63D5187010}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{5A8E4206-3B3A-4280-9B54-B5C5984E284D}C:\program files (x86)\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe |
"TCP Query User{A78E1029-85E0-4C1E-915F-759B84272145}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{AA3EC576-B3E0-4AD1-AF83-CBC5523680BC}C:\users\milton\appdata\local\temp\ixp000.tmp\smwinvnc.exe" = protocol=6 | dir=in | app=c:\users\milton\appdata\local\temp\ixp000.tmp\smwinvnc.exe |
"TCP Query User{BE256EF5-B885-4759-BAEC-A60FF2AEB0C9}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{D6E27A93-EC99-4DBC-B8EC-5DF90D767F7B}C:\users\milton\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\milton\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{0D9A516B-94EF-4B5F-BACF-AF3ABFDDC595}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{0EBEAC1C-542A-484A-B460-C7F712044A21}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{186F3624-0207-4BCD-BB3D-3B03374FC69B}C:\users\milton\appdata\local\temp\ixp000.tmp\smwinvnc.exe" = protocol=17 | dir=in | app=c:\users\milton\appdata\local\temp\ixp000.tmp\smwinvnc.exe |
"UDP Query User{2561E354-70DD-481F-8683-5E032886F88C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{3B632317-5E63-45FD-96B0-E57A68E3544C}C:\program files (x86)\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe |
"UDP Query User{6AE7B139-8121-42B3-9313-86C7928E8101}C:\program files (x86)\my bar-bat mitzvah companion\rteng7.exe" = protocol=17 | dir=in | app=c:\program files (x86)\my bar-bat mitzvah companion\rteng7.exe |
"UDP Query User{881A10AD-BDE7-4954-883D-C1B1791BF191}C:\users\milton\appdata\local\temp\ixp000.tmp\smpcsetup.exe" = protocol=17 | dir=in | app=c:\users\milton\appdata\local\temp\ixp000.tmp\smpcsetup.exe |
"UDP Query User{8BA0AF77-70D4-47F0-BB3F-19E60BBFAA22}C:\users\milton\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\milton\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{B9040F86-0FEA-40C6-A2CA-8C8A120E93BE}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{C1051CAD-1A97-4602-B11F-AACDB21F1219}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{116B366A-D721-4D85-8B63-2710FB79840E}" = CrashPlan
"{122CFA16-E9CF-488D-9D4E-60D81F619724}" = AVG 2011
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1CCF1727-A817-4FEE-A028-5466FB542934}" = Motorola Mobile Drivers Installation 5.2.0
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{211654D1-F7F8-4FF6-B008-354354354365}_is1" = MaxiVista Demo Server v4.0.12
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1" = Streaming Video Recorder V2.0.7
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{2FAFDA10-6532-4D7F-AD5E-4DA610F096B1}" = MiMedia
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{44663264-E108-4938-BF9E-A767315072C9}" = Intel® Network Connections 16.3.48.0
"{4B510AC6-994B-4A6F-B455-4C754302A8C1}" = Casper 6.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{545CCB16-13C4-48CB-B11E-07C19DFDB6E3}" = Newshosting
"{5586CBEA-C071-4616-B809-6E11815D2190}" = ESET Smart Security
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
"{7AB6F8D7-7804-4662-BE8C-1AFCCD602D9F}" = Microsoft Mouse and Keyboard Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D2795DC-59E3-4E75-B59D-D23A6A18CE9C}" = ASUS Android USB Drivers
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF4CD5A3-7D69-445E-B0C0-A6A575793B94}" = Soluto
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite 2009.SP4
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EB418DDD-5365-4381-87F6-D8BBB21CC1CA}" = Garmin Communicator Plugin x64
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"AVG" = AVG 2011
"EPSON Printer and Utilities" = EPSON Printer Software
"Logitech Unifying" = Logitech Unifying Software 2.00
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"PROSetDX" = Intel® Network Connections 16.3.48.0
"sp6" = Logitech SetPoint 6.32
"TeraCopy_is1" = TeraCopy 2.2
"WinX DVD Copy Pro_is1" = WinX DVD Copy Pro 3.4.3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{06024F70-15BC-4447-B53A-F1A7BBA21033}" = Nero 7 Ultra Edition
"{07FF08D2-C0CD-4B02-B9A6-E2E7E5762AA9}" = Vz In Home Agent
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B68672F-C64F-4D29-9EDC-ECDCBE3C5F19}" = ArcSoft TotalMedia Extreme
"{0CA6F2DA-0DCB-4627-8A0C-858E3833769F}_is1" = And Yet It Moves 1.2.0
"{0F052922-4BCE-4763-A540-00857554336D}" = Redist
"{0FD155A3-DF78-43ee-84B0-3CC86BA962F2}_is1" = Sothink Video Converter
"{100C8F3B-82D6-4B14-BB7A-5E8C3FF810C8}_is1" = Driver Fusion
"{107254A0-0ADF-11D4-9397-00D0B7020B38}" =
"{123DE6D6-9566-4777-AC81-E6D86FFA95DA}" = HL-4150CDN
"{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1D7C9D63-1DE9-438C-8C17-F19F3641DC42}" = Bloom
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{245FCF81-55BA-4AB9-A7C1-37411595676D}" = Nuance PaperPort 12
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{288A240F-9E68-4A2E-8230-A495D6CC9AFB}" = Polar WebSync
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2AE0B374-90DA-416C-9AF9-436585FD34DD}" = ASUS Sync
"{2B21DAC6-647F-497F-918F-9A389EE24C1D}" = Quicken WillMaker Plus 2012
"{2C39F7CF-E022-4C0D-B1BA-AF6DDD931054}" = ArcSoft MediaImpression
"{2D8D8F7E-346B-487C-965F-C834BDAEE342}" = Visioneer Strobe XP 100 Driver
"{3139D19F-01B5-4335-9A8B-3E55914EF104}" = DMMultiView
"{3144994E-EEA7-40A7-8D3A-FAD9A42C449A}" = ScanSnap
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{333B10B5-5DD1-44C0-891C-9738FDE14CC1}" = Drobo Dashboard
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{440E9F90-0619-4E84-8226-65AD5073AD24}" = D-Link D-ViewCam
"{44A69352-33DD-405E-ADB8-2D768643BBAE}_is1" = AnyBizSoft PDF to Word (Build 3.0.0)
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector 2011
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CA1E8E2-B2A9-40C1-8EC4-BBCB23BAAA19}_is1" = Crayon Physics Deluxe version 55
"{4CC04CB8-422A-4940-A5C9-90F233690509}_is1" = SRWare Iron 3.0.197.0
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{587E78C5-3DB6-4397-82C6-E0789A0C6E30}" = Universal Client Sales Manager V2.1
"{5B24ECDD-968F-4DF2-91E5-E4BFC7B72134}" = RSDLite
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6146B9DC-C33D-11E2-BDE1-984BE15F174E}" = Evernote v. 4.6.6
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder
"{6984B5E1-721C-4F8E-BF5A-ED5F45D90EB6}" = CyberPower PowerPanel Personal Edition 1.3.2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A5E2AA3-92B9-40AD-89B9-4B4AA489AB93}" = Remote Viewlog
"{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}" = Garmin WebUpdater
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{6F3D2F66-F050-45E3-BEB1-6523FE6D6690}" = MotoHelper MergeModules
"{6F5A71BD-9EC9-4A59-BFBD-CA63CFB4885D}" = ACDSee 14
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75C885D4-C758-4896-A3B4-90DA34B44C31}" = BRAdmin Professional 3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A5E940E-017E-47F8-9D0D-62D49C8D18ED}" = [email protected] KillDisk
"{80813829-BE27-4799-8BC7-2F75A7B6CB50}" = IHA_MessageCenter
"{80F04EEB-01DD-47EE-A471-585DA9B68448}" = Polar Daemon
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8911A5F5-06A6-4931-B193-E1FB0ECAF372}" = Exterminate3
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-001C-0409-0000-0000000FF1CE}" = Microsoft Office Access Runtime (English) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D8077FC-7BD7-480F-9E22-2443662D8941}" = Passware Kit Basic Demo 10.1
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{AC7D34AA-B235-42EF-9411-939B5A3B716B}" = X1
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2275BC7-DB61-3F2E-604F-7F6B4ABE9956}" = Catalyst Control Center InstallProxy
"{B7F1834D-2281-4B5E-83BF-90178D052E04}" = Boson NetSim 8.0
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BB586E51-4876-4BB2-91EC-5CB3D0C38145}" = CardMinder V4.1
"{BE66348A-E83F-4982-941F-DFF2F742B851}" = Microsoft Office Live Meeting 2007
"{BF90863B-BF23-4293-89F0-19EF85E2B170}" = ScanSnap Organizer
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D4378A80-C713-11DF-9399-005056C00008}" = Paragon Migrate OS to SSD™ 2.0 Special Edition
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4F2AFD3-0167-4464-B92F-78AB6DA8A0AA}" = CardMinder
"{D547A594-AA85-4B92-80EB-47B371B98C68}" = Verizon Download Manager
"{D54D4A22-4382-4485-92DF-00C39F123E87}" = Device Pack
"{D5D422B9-6976-4E98-8DDF-9632CB515D7E}" = Dragon NaturallySpeaking 12
"{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}" = ScanSnap Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2429B81-5993-4C86-AF2E-51AB2377A9E9}" = X-Lite 4
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E58F3B88-3B3E-4F85-9323-04789D979C15}" = ScanSnap Organizer
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{EA61812C-29C8-4B0C-AE2C-121E53C1535E}" = EZWatch Pro Professional Grade
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EDCDC19E-51C9-4DA8-9A0C-81B5D93E922C}_is1" = Ants Media Player 1.0.1
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29935A2-F16A-4237-AD8E-6F4FDD2C3FF5}" = USB Stress Panic Button
"{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.7
"{FB410000-0002-0000-0000-074957833700}" = ABBYY FineReader for ScanSnap ™ 4.1
"{FC274982-5AAD-4C20-848D-4424A5043009}_is1" = WinUtilities 9.44 Pro (GOTD)
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1&1 EasyLogin" = 1&1 EasyLogin
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"[email protected] KillDisk FREE Suite" = [email protected] KillDisk FREE Suite
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"Actual Drawing" = Actual Drawing
"Actual Windows Manager_is1" = Actual Window Manager 6.5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"aignesamdeadlink_is1" = AM-DeadLink 4.6
"AnyDVD" = AnyDVD
"AppInventor Extras" = AppInventor Extras
"Ardamax Keylogger" = Ardamax Keylogger 3.2
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Ashampoo WinOptimizer 7_is1" = Ashampoo WinOptimizer 7 v.7.25
"Astroburn Lite" = Astroburn Lite
"ASUS WebStorage" = ASUS WebStorage
"Atomic RAR Password Recovery_is1" = Atomic RAR Password Recovery 1.20
"Audacity_is1" = Audacity 1.2.6
"AVI DVD Burner_is1" = AVI DVD Burner v6.4.0.49
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Batch JPEG Rotator_is1" = Batch JPEG Rotator v1.10
"BDlot DVD ISO Master_is1" = BDlot DVD ISO Master 3.0.2
"Belarc Advisor" = Belarc Advisor 8.1
"BitTorrent" = BitTorrent
"CA PC Tune-Up_is1" = CA PC Tune-Up 2.0.0.6
"Cisco Packet Tracer 5.3_is1" = Cisco Packet Tracer 5.3
"Codec_264" = GeoVision H264
"Codec_amp4" = GeoVision MPEG4 ASP
"Codec_AVC" = GeoVision MPEG4 AVC
"Codec_jpeg" = GeoVision JPEG
"Codec_mp2" = GeoVision MPEG2
"Colasoft Capsa 7 Free_is1" = Colasoft Capsa 7 Free
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"Driver Magician_is1" = Driver Magician 3.48
"DVD Flick_is1" = DVD Flick 1.3.0.7
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy Video Joiner_is1" = Easy Video Joiner 5.21
"EasyMailPlusID_is1" = Easy Mail Plus version 2.2.25.6
"EPSON Scanner" = EPSON Scan
"Fences 22.01" = Fences 2
"ffdshow_is1" = ffdshow [rev 1723] [2007-12-24]
"Fitbit Data Uploader_is1" = Fitbit v2.0.0
"FITBIT&10C4&84C4" = Fitbit Base Station (Driver Removal)
"Free DVD ISO Maker (by minidvdsoft)_is1" = Free DVD ISO Maker version 1.2
"FreshDevices - FreshDiagnose_is1" = FreshDiagnose
"GeoADPCM" = GeoVision ADPCM
"GEOXCodec" = GeoVision MPEG4
"GetSavin" = GetSavin
"Gold Calculator LITE-Freeware" = Gold Calculator LITE-Freeware 3.00
"Google Desktop" = Google Desktop
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (remove only)
"Holiday Card Organizer_is1" = Holiday Card Organizer 2.0.5
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector 2011
"InstallShield_{B7F1834D-2281-4B5E-83BF-90178D052E04}" = Boson NetSim 8.0
"LastPass" = LastPass(uninstall only)
"MakeMKV" = MakeMKV v1.7.9
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MING Network Monitor Home_is1" = MING Network Monitor Home 3.5
"MING Network Monitor_is1" = MING Network Monitor 3.5
"Mozilla Firefox 10.0.2 (x86 en-US)" = Mozilla Firefox 10.0.2 (x86 en-US)
"Mozilla Thunderbird 16.0.1 (x86 en-US)" = Mozilla Thunderbird 16.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"My Bar-Bat Mitzvah Companion_is1" = My Bar-Bat Mitzvah Companion 3.0
"NewsLeecher_is1" = NewsLeecher v3.9 Final
"nLite_is1" = nLite 1.4.9.1
"No-IP.com DUC" = No-IP.com DUC (remove only)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OneTouch Version 3.0" = OneTouch Version 3.0
"Picasa 3" = Picasa 3
"ProcessLasso" = Process Lasso
"QuickPar" = QuickPar 0.9
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"Spotify" = Spotify
"Stellar Phoenix Password Recovery_is1" = Stellar Phoenix Password Recovery v1.0
"The Rosetta Stone" = The Rosetta Stone
"TreeSize Free_is1" = TreeSize Free V2.5
"TrueCrypt" = TrueCrypt
"VirtualCloneDrive" = VirtualCloneDrive
"WebClient" = WebClient
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Xilisoft DVD Creator" = Xilisoft DVD Creator
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"JoinMe" = join.me
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Spotify" = Spotify
"TwonkyServer" = Twonky 7

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/10/2013 2:21:07 PM | Computer Name = Flash | Source = VSS | ID = 12294
Description =

Error - 6/10/2013 2:21:07 PM | Computer Name = Flash | Source = VSS | ID = 12294
Description =

Error - 6/10/2013 2:21:15 PM | Computer Name = Flash | Source = VSS | ID = 12298
Description =

Error - 6/10/2013 2:21:24 PM | Computer Name = Flash | Source = VSS | ID = 12294
Description =

Error - 6/10/2013 2:21:28 PM | Computer Name = Flash | Source = VSS | ID = 12294
Description =

Error - 6/10/2013 2:21:28 PM | Computer Name = Flash | Source = VSS | ID = 12294
Description =

Error - 6/10/2013 2:21:28 PM | Computer Name = Flash | Source = VSS | ID = 12294
Description =

Error - 6/10/2013 2:21:28 PM | Computer Name = Flash | Source = VSS | ID = 12294
Description =

Error - 6/10/2013 2:21:28 PM | Computer Name = Flash | Source = VSS | ID = 12294
Description =

Error - 6/10/2013 2:21:28 PM | Computer Name = Flash | Source = VSS | ID = 12294
Description =

[ Media Center Events ]
Error - 6/26/2012 11:36:28 PM | Computer Name = Flash | Source = MCUpdate | ID = 0
Description = 11:36:28 PM - Error connecting to the internet. 11:36:28 PM - Unable
to contact server..

Error - 6/26/2012 11:36:42 PM | Computer Name = Flash | Source = MCUpdate | ID = 0
Description = 11:36:33 PM - Error connecting to the internet. 11:36:33 PM - Unable
to contact server..

Error - 6/27/2012 11:37:48 AM | Computer Name = Flash | Source = MCUpdate | ID = 0
Description = 11:37:47 AM - Error connecting to the internet. 11:37:48 AM - Unable
to contact server..

Error - 6/27/2012 11:38:02 AM | Computer Name = Flash | Source = MCUpdate | ID = 0
Description = 11:37:54 AM - Error connecting to the internet. 11:37:54 AM - Unable
to contact server..

Error - 6/27/2012 12:38:15 PM | Computer Name = Flash | Source = MCUpdate | ID = 0
Description = 12:38:15 PM - Error connecting to the internet. 12:38:15 PM - Unable
to contact server..

Error - 6/27/2012 12:38:24 PM | Computer Name = Flash | Source = MCUpdate | ID = 0
Description = 12:38:21 PM - Error connecting to the internet. 12:38:21 PM - Unable
to contact server..

Error - 6/27/2012 1:38:42 PM | Computer Name = Flash | Source = MCUpdate | ID = 0
Description = 1:38:42 PM - Error connecting to the internet. 1:38:42 PM - Unable
to contact server..

Error - 6/27/2012 1:38:55 PM | Computer Name = Flash | Source = MCUpdate | ID = 0
Description = 1:38:47 PM - Error connecting to the internet. 1:38:47 PM - Unable
to contact server..

Error - 6/27/2012 2:39:15 PM | Computer Name = Flash | Source = MCUpdate | ID = 0
Description = 2:39:15 PM - Error connecting to the internet. 2:39:15 PM - Unable
to contact server..

Error - 6/27/2012 2:39:45 PM | Computer Name = Flash | Source = MCUpdate | ID = 0
Description = 2:39:22 PM - Error connecting to the internet. 2:39:22 PM - Unable
to contact server..

[ System Events ]
Error - 6/10/2013 2:46:31 AM | Computer Name = Flash | Source = DCOM | ID = 10005
Description =

Error - 6/10/2013 8:15:29 AM | Computer Name = Flash | Source = Service Control Manager | ID = 7034
Description = The Soluto PCGenome Core Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 6/10/2013 8:18:11 AM | Computer Name = Flash | Source = iScsiPrt | ID = 1
Description = Initiator failed to connect to the target. Target IP address and TCP
Port number are given in dump data.

Error - 6/10/2013 8:18:11 AM | Computer Name = Flash | Source = iScsiPrt | ID = 70
Description = Error occurred when processing iSCSI logon request. The request was
not retried. Error status is given in the dump data.

Error - 6/10/2013 8:18:48 AM | Computer Name = Flash | Source = Service Control Manager | ID = 7000
Description = The vToolbarUpdater15.2.0 service failed to start due to the following
error: %%2

Error - 6/10/2013 8:18:55 AM | Computer Name = Flash | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
CSN5PDTS82

Error - 6/10/2013 8:20:08 AM | Computer Name = Flash | Source = DCOM | ID = 10016
Description =

Error - 6/10/2013 8:21:25 AM | Computer Name = Flash | Source = Service Control Manager | ID = 7023
Description = The HP Network Devices Support service terminated with the following
error: %%126

Error - 6/10/2013 8:24:07 AM | Computer Name = Flash | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 6/10/2013 11:20:59 AM | Computer Name = Flash | Source = volsnap | ID = 393224
Description = The flush and hold writes operation on volume C: timed out while waiting
for a release writes command.


< End of report >
  • 0

#13
tom982

tom982

    Member 1K

  • Member
  • PipPipPipPip
  • 1,183 posts
Hi mbk123,

Have you run any registry cleaners/optimisers between the two OTL scans or modified the log headers in any way? The reason I ask is that the run counter in both scans is showing as 1 when they should show 1 and 2 respectively. It's no problem if you have, I just can't work out what's happened here.

ESET Online Scanner:

Note: The below instructions relate to running the scan with Google Chrome only. You will need to disable your current installed Anti-Virus for the duration of the online scan, how to do so can be read here.

Vista/Windows 7 users: You will need to to right-click on the either the Google Chrome icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan...
  • In the window that now appears called Launch ESET Online Scanner
  • Double-click on esetsmartinstaller_enu.exe to download the ESET Smart Installer
  • Then in the lower left hand corner of the browser window double click on Posted Image >> follow the prompts
  • In the new window that appears select the option YES, I accept the Terms of Use then click on Start
  • Now in the Computer scan settings window that appears:-
  • Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Start
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do nottouch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Finish
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Did you install Ardamax Keylogger 3.2? If not, please remove it as soon as possible and change all of your passwords.

Uninstall Software

  • Click on the Start Posted Image button and select Control Panel
  • Click on Programs then click on Uninstall a program
  • You will now see a list of your installed software, double click on the following one by one to uninstall them:

    • Ashampoo WinOptimizer 7 v.7.25 (optional, but highly recommended - avoid all forms of registry cleaners should be avoided as they usually cause more harm than good)
    • BitTorrent (optional, but recommended. All forms of P2P software should be avoided)
    • GetSavin
    • Uniblue RegistryBooster (optional, but highly recommended)
  • Once you have done this, reboot your computer

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java :
Please download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe, then click on Remove Java Runtime.
  • Select the Java version you have from the drop down list, and then click on Run Uninstaller
  • Press Yes if it asks to uninstall the product.
  • Allow the uninstaller to remove the installed version.
  • When its finished, go back to JavaRa, and click Back
  • Click on Update Java Runtime and then select Download and install latest version.
  • Press Next
  • Press Java Manual Download.
  • A browser window will open with the Java download page.
  • Click the Windows offline link to download Java.
  • Run the installer.
  • Close JavaRa

Tom
  • 0

#14
tom982

tom982

    Member 1K

  • Member
  • PipPipPipPip
  • 1,183 posts
Hi mbk123,

It's been 5 days since I last heard from you, is everything okay? Threads are usually closed after three days of inactivity but if you need more time then just let me know.

Tom
  • 0

#15
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP